CVE

Id
37360  
CVE No.
CVE-2008-7243  
Status
Candidate  
Description
Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. NOTE: due to the lack of details, it is not clear whether this is related to CVE-2008-5941.  
Phase
Assigned (20090917)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
405165 37360 CVE-2008-7243 BUGTRAQ:20080207 [DSECRG-08-013] Modx 0.9.6.1, 0.9.6.1p1 Multiple Security Vulnerabilities  View
405166 37360 CVE-2008-7243 URL:http://www.securityfocus.com/archive/1/archive/1/487696/100/200/threaded  View
405167 37360 CVE-2008-7243 BID:27672  View
405168 37360 CVE-2008-7243 URL:http://www.securityfocus.com/bid/27672  View
405169 37360 CVE-2008-7243 SECUNIA:28840  View
405170 37360 CVE-2008-7243 URL:http://secunia.com/advisories/28840  View
405171 37360 CVE-2008-7243 XF:modx-password-weak-security(40378)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
41518 JVNDB-2009-002525 MySQL の sql/sql_table.cc におけるアクセス制限を回避される脆弱性 MySQL の sql/sql_table.cc には、データが異なるファイルシステムのシンボリックリンクを含むホームディレクトリの場合、アクセス制限を回避される脆弱性が存在します。 CVE-2008-7247 37360 6 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-002525.html  View