Published: 01/08/2005 Updated: 11/07/2017

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 454

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and previous versions, allows remote malicious users to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
tdiary tdiary 2.1.1
tdiary tdiary

Yutaka Oiwa and Hiromitsu Takagi discovered a Cross-Site Request Forgery (CSRF) vulnerability in tdiary, a new generation weblog that can be exploited by remote attackers to alter the users information The old stable distribution (woody) does not contain tdiary packages For the stable distribution (sarge) this problem has been fixed in version 2 ...

NVD-CWE-Other http://sourceforge.net/forum/forum.php?forum_id=482743 http://www.osvdb.org/18604 http://secunia.com/advisories/16329 http://www.debian.org/security/2005/dsa-808 http://www.securityfocus.com/bid/14500 http://secunia.com/advisories/16787 https://exchange.xforce.ibmcloud.com/vulnerabilities/21735 https://www.debian.org/security/./dsa-808 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-2411

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect