CVE-2007-5575

Name of the Vulnerable Software and Affected Versions 1024 CMS version 1.2.5

Description A cross-site request forgery (CSRF) issue allows remote attackers to perform actions as administrators. This can be demonstrated by creating a file containing PHP code and using the forum component.

Recommendations For version 1.2.5, update to a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to the forum component and limiting the ability to create files containing PHP code until a patch is available.