Summary
This host is running Limny is prone to multiple cross-site request forgery vulnerabilities
Impact
Successful exploitation will allow remote attackers to change the administrative password or email address and add a new user by tricking an administrative user into visiting a malicious web site.
Impact Level: Application.
Solution
Upgrade to Limny version 2.01
For updates refer to http://www.limny.org/
Insight
The multiple flaws are caused by improper validation of user-supplied input, which allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests.
Affected
Limny version 2.0
References
Severity
Classification
-
CVE CVE-2010-0709 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities