Vulnerabilities (CVE)

Filtered by vendor Phparanoid Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-5758 1 Phparanoid 1 Phparanoid 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0.5 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors related to private messages.
CVE-2008-5673 1 Phparanoid 1 Phparanoid 2024-11-21 6.5 MEDIUM N/A
PHParanoid before 0.4 does not properly restrict access to the members area by unauthenticated users, which has unknown impact and remote attack vectors.
CVE-2008-5672 1 Phparanoid 1 Phparanoid 2024-11-21 6.8 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in PHParanoid before 0.4 allow remote attackers to hijack the authentication of arbitrary users for requests that use (1) admin.php or (2) private messages.