CVE-2008-5758

phparanoid < 0.5 - Cross-Site Request Forgery via Private Messages

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0.5 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors related to private messages.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47749
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28847

Scores

EPSS 0.0057
EPSS Percentile 43.4%

Details

CWE
CWE-352
Status published
Products (4)
phparanoid/phparanoid 0.1
phparanoid/phparanoid 0.2
phparanoid/phparanoid 0.3
phparanoid/phparanoid < 0.4
Published Dec 30, 2008
Tracked Since Feb 18, 2026