CVE-2007-5917

Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earlier allows remote attackers to add arbitrary privileged accounts as administrators via the admin_name, admin_password, admin_type, and Add_admin parameters.

Published: Nov 10, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5917
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
skalinks / skalinks	1.5	1.5.x

http://secunia.com/advisories/27532
http://securityreason.com/securityalert/3356
http://www.hackinginside.altervista.org/bug/skalinks_1_5_csrf.txt
http://www.securityfocus.com/archive/1/483267/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/38286

Vulnerability Database

CVE-2007-5917