BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery Jun 09 2010 08:25AM
david kurz majorsecurity net
[MajorSecurity SA-070]Plume CMS - change Admin Password via Cross-site Request Forgery

Details

=======

Product: Plume CMS

Security-Risk: high

Remote-Exploit: yes

Vendor-URL: http://www.plume-cms.net/

Advisory-Status: published

Credits

============

Discovered by: David Vieira-Kurz

http...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus