QwikSec

Security Database

CVE

CWE

Training

CVE-2007-5917

Published: Nov 10, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in admin/admin_account.php in Skalinks 1.5 and earlier allows remote attackers to add arbitrary privileged accounts as administrators via the admin_name, admin_password, admin_type, and Add_admin parameters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_SREASON

third-party-advisory

x_refsource_SECUNIA

http://www.hackinginside.altervista.org/bug/skalinks_1_5_csrf.txt

x_refsource_MISC

skalinks-adminaccount-csrf(38286)

vdb-entry

x_refsource_XF

20071103 Skalinks <= 1_5 Cross Site Request Forgery Add Admin

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.