Unrated severityNVD Advisory· Published Jan 25, 2011· Updated Apr 29, 2026

CVE-2011-0642

Description

Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication of administrators for requests that create new users via the options action. NOTE: some of these details are obtained from third party information.

Affected products

Network 13/N 13 News3 versions
cpe:2.3:a:network-13:n-13_news:3.4:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:network-13:n-13_news:3.4:*:*:*:*:*:*:*
- cpe:2.3:a:network-13:n-13_news:3.7:*:*:*:*:*:*:*
- cpe:2.3:a:network-13:n-13_news:4.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/16013nvdExploit
secunia.com/advisories/42959nvdVendor Advisory
osvdb.org/70593nvd
exchange.xforce.ibmcloud.com/vulnerabilities/64824nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000