Vulnerability Details CVE-2005-2411
Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.1%
CVSS Severity
CVSS v2 Score 5.1
References
- http://secunia.com/advisories/16329
- http://secunia.com/advisories/16787
- http://sourceforge.net/forum/forum.php?forum_id=482743
- http://www.debian.org/security/2005/dsa-808
- http://www.osvdb.org/18604
- http://www.securityfocus.com/bid/14500
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21735
- http://secunia.com/advisories/16329
- http://secunia.com/advisories/16787
- http://sourceforge.net/forum/forum.php?forum_id=482743
- http://www.debian.org/security/2005/dsa-808
- http://www.osvdb.org/18604
- http://www.securityfocus.com/bid/14500
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21735