CVE-2012-1216

Name of the Vulnerable Software and Affected Versions PBBoard version 2.1.4

Description The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities in the admin.php file. These vulnerabilities allow remote attackers to hijack the authentication of administrators for specific requests, including uploading a file via an "add" action or changing the contents of a file via a "dit" action.

Recommendations For PBBoard version 2.1.4, as a temporary workaround, consider restricting access to the admin.php file to minimize the risk of exploitation. Avoid using the "add" and "dit" actions in the admin.php file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.