CyberSec.Space Logo
Back to CVE Browser

CVE-2012-4324

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0580%
EPSS Percentile17.38th
PublishedAug 14, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in PHPJabbers Vacation Rental Script allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a create action in the AdminUsers module to index.php.

Affected Platforms (CPE)

πŸ“¦
Phpjabbers

Vacation Rental Script

All versions

References & Advisories

πŸ”— http://osvdb.org/80948
πŸ”— http://packetstormsecurity.org/files/111564/Vacation-Rental-Listing-Cross-Site-Request-Forgery.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/74683
πŸ”— http://osvdb.org/80948
πŸ”— http://packetstormsecurity.org/files/111564/Vacation-Rental-Listing-Cross-Site-Request-Forgery.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/74683

Related Vulnerabilities

CVE-2008-36037.5

SQL injection vulnerability in index.php in Vacation Rental Script 3.0 allows remote attackers to execute arbitrary SQL commands v...

CVE-2012-65874.3

Cross-site scripting (XSS) vulnerability in vacation/1_mobile/alert_members.php in MYRE Vacation Rental Software allows remote att...

CVE-2006-26512.6

Cross-site scripting (XSS) vulnerability in index.php in Vacation Rental Script 1.0 allows remote attackers to inject arbitrary we...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...