Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Dotclear Other Vulnerability - CVE-2007-3688 - Vulnerability Database
Dotclear

Dotclear Other Vulnerability - CVE-2007-3688

Low
Reference: CVE-2007-3688
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2007-3688
Title: Dotclear Other Vulnerability
Overview:

Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear 1.2.6 allow remote attackers to perform actions as arbitrary users via the (1) tool_url parameter to ecrire/tools.php and multiple fields on the (2) blogconf (3) blogroll (4) ecrire/redacteur.php and (5) ecrire/user_prefs.php pages.