CVE-2008-6585

Cross-site request forgery (CSRF) vulnerability in html/admin.php in TorrentFlux 2.3 allows remote attackers to hijack the authentication of administrators for requests that add new accounts via the addUser action.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
VendorProductVersion
torrentfluxtorrentflux
2.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
torrentflux
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
not-affected
gutsy
ignored
dapper
dne
Common Weakness Enumeration
References
http://osvdb.org/44646
http://secunia.com/advisories/29935
http://www.securityfocus.com/archive/1/491066/100/0/threaded
http://www.securityfocus.com/bid/28846
https://exchange.xforce.ibmcloud.com/vulnerabilities/41926
http://osvdb.org/44646
http://secunia.com/advisories/29935
http://www.securityfocus.com/archive/1/491066/100/0/threaded
http://www.securityfocus.com/bid/28846
https://exchange.xforce.ibmcloud.com/vulnerabilities/41926