Vulnerability Details CVE-2006-4582
Cross-site request forgery (CSRF) vulnerability in The Address Book 1.04e allows remote attackers to perform unauthorized actions as other users via unspecified vectors, as demonstrated by deleting arbitrary users via the id parameter in a deleteuser action in users.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://osvdb.org/32559
- http://secunia.com/advisories/21694
- http://secunia.com/secunia_research/2006-76/advisory/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31251
- http://osvdb.org/32559
- http://secunia.com/advisories/21694
- http://secunia.com/secunia_research/2006-76/advisory/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31251
Products affected by CVE-2006-4582
-
cpe:2.3:a:the_address_book:the_address_book:1.04e