Vulnerabilities > CVE-2007-2338 - Unspecified vulnerability in Phorum

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
phorum
exploit available

Summary

Cross-site request forgery (CSRF) vulnerability in include/admin/banlist.php in Phorum before 5.1.22 allows remote attackers to perform unauthorized banlist deletions as an administrator via the delete parameter.

Exploit-Db

descriptionPhorum 5.1.20 include/admin/banlist.php delete Parameter CSRF Banlist Deletion. CVE-2007-2338. Webapps exploit for php platform
idEDB-ID:29891
last seen2016-02-03
modified2007-04-23
published2007-04-23
reporterJanek Vind
sourcehttps://www.exploit-db.com/download/29891/
titlePhorum 5.1.20 include/admin/banlist.php delete Parameter CSRF Banlist Deletion