Description
Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
Exploits (1)
References (4)
Core 4
Core References
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/3508
Exploit x_refsource_misc
http://packetstormsecurity.org/0912-exploits/ape-xsrf.txt
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/10412
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37666
Scores
EPSS
0.0028
EPSS Percentile
51.0%
Details
CWE
CWE-352
Status
published
Products (1)
accscripts/acc_php_email
1.1
Published
Jun 25, 2010
Tracked Since
Feb 18, 2026