VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 6, 2011· Updated Apr 29, 2026

CVE-2011-1954

CVE-2011-1954

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Post Revolution 0.8.0c-2 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests to (1) ajax-weblog-guardar.php, (2) verpost.php, (3) comments.php, or (4) perfil.php.

Affected products

13
  • Postrev/Post Revolution13 versions
    cpe:2.3:a:postrev:post_revolution:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:postrev:post_revolution:*:*:*:*:*:*:*:*range: <=0.8.0c-2
    • cpe:2.3:a:postrev:post_revolution:0.6.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.6.3:beta:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.7.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.7.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.7.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.7.0:rc4:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.8.0:alpha:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.8.0b:*:*:*:*:*:*:*
    • cpe:2.3:a:postrev:post_revolution:0.8.0c:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.