Unrated severityNVD Advisory· Published Aug 1, 2005· Updated Apr 16, 2026

CVE-2005-2411

Description

Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and earlier, allows remote attackers to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user.

Affected products

Tdiary/Tdiary2 versions
cpe:2.3:a:tdiary:tdiary:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:tdiary:tdiary:*:*:*:*:*:*:*:*range: <=2.0.1
- cpe:2.3:a:tdiary:tdiary:2.1.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/16329nvd
secunia.com/advisories/16787nvd
sourceforge.net/forum/forum.phpnvd
www.debian.org/security/2005/dsa-808nvd
www.osvdb.org/18604nvd
www.securityfocus.com/bid/14500nvd
exchange.xforce.ibmcloud.com/vulnerabilities/21735nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000