signkorn 1.5 and earlier contains multiple flaws that which can be exploited by malicious users to conduct cross-site request forgery and cross-site scripting attacks.

1) XSS: Input passed during an admin session to the "qc" variable submitted to the admin.php script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

2) CSRF: The application allows users to perform all admin actions via HTTP requests without performing any validation checks to verify the requests. This can be exploited to e.g. perform administrative functions when a logged in user views a malicious web page.

References:

CVE-2009-pending

BID: 35965

FrSIRT: N/A

Nessus:N/A

OSVDB: 56802, 56803

SA: 36151

XF: 

Related: 

Vendor Solution: