Security Vulnerabilities, CVEs, Published In May 2008 (CSRF)

CVE-2008-2276

Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.
Max CVSS
6.8
EPSS Score
0.35%
Published
2008-05-16
Updated
2017-09-29

CVE-2008-2140

Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform Agent 2 and 3 allows remote attackers to reset the root password as the administrator via a crafted URL.
Max CVSS
2.6
EPSS Score
0.08%
Published
2008-05-12
Updated
2017-08-08

CVE-2008-2071

Multiple cross-site request forgery (CSRF) vulnerabilities in the WHM interface 11.15.0 for cPanel 11.18 before 11.18.4 and 11.22 before 11.22.3 allow remote attackers to perform unauthorized actions as cPanel administrators via requests to cpanel/whm/webmail and other unspecified vectors.
Max CVSS
4.3
EPSS Score
0.20%
Published
2008-05-12
Updated
2018-10-11

CVE-2008-2043

Multiple cross-site request forgery (CSRF) vulnerabilities in cPanel, possibly 11.18.3 and 11.19.3, allow remote attackers to (1) execute arbitrary code via the command1 parameter to frontend/x2/cron/editcronsimple.html, and perform various administrative actions via (2) frontend/x2/sql/adddb.html, (3) frontend/x2/sql/adduser.html, and (4) frontend/x2/ftp/doaddftp.html.
Max CVSS
4.3
EPSS Score
0.94%
Published
2008-05-01
Updated
2017-08-08
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close