Unrated severityNVD Advisory· Published Feb 25, 2010· Updated Apr 29, 2026

CVE-2010-0709

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address or password via the user action to index.php, and (2) hijack the authentication of the administrator for requests that create a new user via the admin/modules/user/new action to limny/index.php.

Affected products

Limny/Limny
cpe:2.3:a:limny:limny:2.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.limny.orgnvdPatchVendor Advisory
www.exploit-db.com/exploits/11477nvdExploit
www.exploit-db.com/exploits/11478nvdExploit
secunia.com/advisories/38616nvdVendor Advisory
osvdb.org/62389nvd
exchange.xforce.ibmcloud.com/vulnerabilities/56318nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000