CVE-2010-3030

Published: Aug 17, 2010Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected (1)

Products: Tomaz Muraus: Open Blog

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Tomaz Muraus Open Blog	Version 1.2.1

Related CWEs

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (2)

http://secunia.com/advisories/40876

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/40876

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.