VYPR

MS TopSites

by PHP-Nuke

CVEs (1)

  • CVE-2007-5918Nov 10, 2007
    risk 0.03cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in edit.php in the MS TopSites add-on for PHP-Nuke does not verify that the uname parameter matches the current account, which allows remote authenticated users to change arbitrary accounts or change the SiteTitleName field as an…