CVE-2010-3024

Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in DiamondList 0.1.6, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site's configuration.
Configurations

Configuration 1 (hide)

cpe:2.3:a:hulihanapplications:diamondlist:0.1.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-08-16 20:00

Updated : 2024-02-28 11:41


NVD link : CVE-2010-3024

Mitre link : CVE-2010-3024

CVE.ORG link : CVE-2010-3024


JSON object : View

Products Affected

hulihanapplications

  • diamondlist
CWE
CWE-352

Cross-Site Request Forgery (CSRF)