Exploitation Summary
EIP tracks 1 public exploit for CVE-2013-7209. PoCs published by arno.
AI-analyzed exploit summary The provided text describes a CSRF vulnerability in JForum, where an attacker can trick a user into submitting a malicious request to change user group permissions. The example URL demonstrates the attack vector but lacks executable exploit code.
Description
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote attackers to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
Exploits (1)
The provided text describes a CSRF vulnerability in JForum, where an attacker can trick a user into submitting a malicious request to change user group permissions. The example URL demonstrates the attack vector but lacks executable exploit code.