CVE-2010-3030

Tomaz Muraus Open Blog 1.2.1 - CSRF

Title source: llm

Description

Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC

by High-Tech Bridge SA · htmlwebappsphp

https://www.exploit-db.com/exploits/14562

View Code ZIP pw:eip

References (1)

[Vendor Advisory] http://secunia.com/advisories/40876

Scores

EPSS 0.0009

EPSS Percentile 24.9%

Details

CWE

CWE-352

Status published

Products (1)

tomaz-muraus/open_blog 1.2.1

Published Aug 17, 2010

Tracked Since Feb 18, 2026