vendor:
SyndeoCMS
by:
Ivano Binetti
5.5
CVSS
MEDIUM
CSRF
352
CWE
Product Name: SyndeoCMS
Affected Version From: 3
Affected Version To: 3
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Debian Squeeze (6.0)
2012
SyndeoCMS <= 3.0 CSRF Vulnerability
The SyndeoCMS version 3.0 and lower is vulnerable to CSRF. An attacker can add an admin account by exploiting this vulnerability.
Mitigation:
The vendor has not provided a patch or mitigation for this vulnerability.