CVE-2012-4877 Information

Description

Cross-site request forgery (CSRF) vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts.

Reference

http://osvdb.org/80878 http://packetstormsecurity.org/files/111473/Flatnux-CMS-2011-08.09.2-CSRF-XSS-Directory-Traversal.html http://secunia.com/advisories/48656 http://www.securityfocus.com/bid/52846 http://www.vulnerability-lab.com/get_content.php?id=487 https://exchange.xforce.ibmcloud.com/vulnerabilities/74567