CVE-2019-25313 FlexNet Publisher 11.12.1 - Cross-Site Request Forgery (Add Local Admin)

FlexNet Publisher 11.12.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious HTML form to trick authenticated users into submitting a request that creates a new local admin accoun...

PT-2022-25327 · Php Point Of Sale Llc +1 · Php Point Of Sale

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: The application is vulnerable to Cross-Site Request Forgery CSRF attacks. This allows an attacker to coerce users into sending malicious requests to the site, potentially leading to...

BEESCMS 4.0 Cross-Site Request Forgery Vulnerability

BEESCMS is a scalable content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in BEESCMS version 4.0. A remote attacker can exploit this vulnerability to arbitrarily add administrator accounts...