CVE-2026-34382 in admidio정보

요약 (영어)

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, the delete mode handler in mylist_function.php permanently deletes list configurations without validating a CSRF token. An attacker who can lure an authenticated user to a malicious page can silently destroy that user's list configurations — including organization-wide shared lists when the victim holds administrator rights. This issue has been patched in version 5.0.8.

책임이 있는

GitHub_M

예약하다

2026. 03. 27.

공개

2026. 04. 01.

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
354511	admidio mylist_function.php 교차 사이트 요청 위조	352	정의되지 않음	공식 수정	CVE-2026-34382

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

◂ 이전개요다음 ▸

Do you know our Splunk app?

Download it now for free!