CSRF Vulnerability in PHP Link Directory (phpLD) 4.1.0 Allows Unauthorized Administrator Addition

CSRF Vulnerability in PHP Link Directory (phpLD) 4.1.0 Allows Unauthorized Administrator Addition

CVE-2011-0643 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via the N action.

Learn more about our User Device Pen Test.