CVE-2005-2059 Information

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php (2) toggleignore.php (3) removeignore.php and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.

Reference

http://marc.info/?l=bugtraq&m=111963737202040&w=2 http://www.gulftech.org/?node=research&article_id=00084-06232005 http://www.ubbcentral.com/boards/showflat.php/Cat/0/Number/42351/Main/42351/Post42351