Total vulnerabilities in the database
Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.
| Software | From | Fixed in |
|---|---|---|
| phpx / phpx | 3.2.4 | 3.2.4.x |
| phpx / phpx | 3.2.5 | 3.2.5.x |
| phpx / phpx | 3.1.0 | 3.1.0.x |
| phpx / phpx | 3.1.2 | 3.1.2.x |
| phpx / phpx | 3.0.4 | 3.0.4.x |
| phpx / phpx | 3.0.0 | 3.0.0.x |
| phpx / phpx | 3.1.4 | 3.1.4.x |
| phpx / phpx | 3.0.2 | 3.0.2.x |
| phpx / phpx | 3.0.1 | 3.0.1.x |
| phpx / phpx | 3.0.6 | 3.0.6.x |
| phpx / phpx | 3.2.0 | 3.2.0.x |
| phpx / phpx | 3.1.3 | 3.1.3.x |
| phpx / phpx | 3.2.2 | 3.2.2.x |
| phpx / phpx | 3.0.7 | 3.0.7.x |
| phpx / phpx | 3.1.1 | 3.1.1.x |
| phpx / phpx | 3.2.6 | 3.2.6.x |
| phpx / phpx | 3.2.3 | 3.2.3.x |
| phpx / phpx | 3.0.5 | 3.0.5.x |
| phpx / phpx | 3.2.1 | 3.2.1.x |
| phpx / phpx | 3.0.3 | 3.0.3.x |