Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2005-2411 | Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user. |
Assigned (20050801) | BID:14500 | URL:http://www.securityfocus.com/bid/14500 | CONFIRM:http://sourceforge.net/forum/forum.php?forum_id=482743 | DEBIAN:DSA-808 | URL:http://www.debian.org/security/2005/dsa-808 | OSVDB:18604 | URL:http://www.osvdb.org/18604 | SECUNIA:16329 | URL:http://secunia.com/advisories/16329 | SECUNIA:16787 | URL:http://secunia.com/advisories/16787 | XF:tdiary-xs-request-forgery(21735) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/21735 |
Page created: