Description
Cross-site request forgery (CSRF) vulnerability in admin.php in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote attackers to hijack the authentication of arbitrary users.
References (3)
Core 3
Core References
Vendor Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000114
Vendor Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN78240242/index.html
Vendor Advisory x_refsource_confirm
http://www.php-factory.net/trivia/16.php
Scores
EPSS
0.0065
EPSS Percentile
46.7%
Details
CWE
CWE-352
Status
published
Products (2)
php_kobo/photo_gallery_cms_free
1.0.0
php_kobo/photo_gallery_cms_free
1.0.1
Published
Aug 22, 2015
Tracked Since
Feb 18, 2026