Description
Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote attackers to hijack the authentication of administrators for requests that add new topics via an addTopic action.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by High-Tech Bridge SA · textwebappsphp
https://www.exploit-db.com/exploits/36786
References (1)
Core 1
Core References
Exploit x_refsource_misc
https://www.htbridge.ch/advisory/HTB23071
Scores
EPSS
0.0018
EPSS Percentile
39.2%
Details
CWE
CWE-352
Status
published
Products (1)
11in1/11in1
1.2.1 stable_12-31-2011
Published
Feb 24, 2012
Tracked Since
Feb 18, 2026