Cross site request forgery (csrf)

2008-02-0502:00:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.7%

JSON

Cross-site request forgery (CSRF) vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators via an “update member” action.

CPENameOperatorVersion
webspelleq4.01.02

CPE	Name	Operator	Version
	webspell	eq	4.01.02

References

secunia.com/advisories/28684

securityreason.com/securityalert/3606

www.securityfocus.com/archive/1/487312/100/0/threaded