CVE-2008-3938 Information

Description

Cross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers to change arbitrary passwords via an update_password action.

Reference

http://packetstorm.linuxsecurity.com/0808-exploits/omcd-xssxsrf.txt http://secunia.com/advisories/31719