2 matches found
CVE-2023-20105
A vulnerability in the change password functionality of Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS could allow an authenticated, remote attacker with Read-only credentials to elevate privileges to Administrator on an affected system. This vulnerability is due to...
DomainMod Cross-Site Request Forgery Vulnerability
DomainMod is a PHP and MySQL based open source application for managing centrally located domain names and other Internet assets. DomainMod suffers from a cross-site request forgery vulnerability. An attacker could exploit the vulnerability to change a read-only user to an administrator...