WEB APPLICATION VULNERABILITIES Standard & Premium

PHP Address Book Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-2778)

Description

Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote attackers to hijack the authentication of administrators for requests that delete accounts, a different vulnerability than CVE-2013-0135.1.

Remediation

References

Related Vulnerabilities

Oracle Database Server Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5499)

Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2019-0199)

Oracle Application Server Other Vulnerability (CVE-2006-5358)

MySQL Use After Free Vulnerability (CVE-2020-11656)

Plone CMS Improper Restriction of XML External Entity Reference Vulnerability (CVE-2020-28736)

Severity

High

Classification

CVE-2013-2778 CWE-352

Tags

Missing Update Known Vulnerabilities