CVE-2004-2364

N/A Unknown
Published: December 31, 2004 Modified: April 16, 2026
View on NVD

Description

Cross-site request forgery (CSRF) vulnerability in PHPX 3.0 through 3.2.6 allows remote attackers to execute arbitrary commands via URLs that are automatically executed on behalf of the administrator, as demonstrated using (1) admin/page.php, (2) admin/news.php, (3) admin/user.php, (4) admin/images.php, (5) admin/page.php, or (6) admin/forums.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://secunia.com/advisories/11554
Source: cve@mitre.org
http://securitytracker.com/id?1010061
Source: cve@mitre.org
http://www.osvdb.org/5907
Source: cve@mitre.org
http://www.osvdb.org/5908
Source: cve@mitre.org
http://www.osvdb.org/5909
Source: cve@mitre.org
http://www.osvdb.org/5910
Source: cve@mitre.org
http://www.osvdb.org/5911
Source: cve@mitre.org
http://www.phpx.org/project.php?action=view&project_id=1
Source: cve@mitre.org
Patch URL Repurposed
http://www.securityfocus.com/archive/1/362230
Source: cve@mitre.org
Exploit Vendor Advisory
http://www.securityfocus.com/bid/10284
Source: cve@mitre.org
Exploit Patch
http://secunia.com/advisories/11554
Source: af854a3a-2127-422b-91ae-364da2661108
http://securitytracker.com/id?1010061
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/5907
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/5908
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/5909
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/5910
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.osvdb.org/5911
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.phpx.org/project.php?action=view&project_id=1
Source: af854a3a-2127-422b-91ae-364da2661108
Patch URL Repurposed
http://www.securityfocus.com/archive/1/362230
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Vendor Advisory
http://www.securityfocus.com/bid/10284
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Patch

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
7.5%
92th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

phpx