Multiple Cross-Site Request Forgery Vulnerabilities in Simple Invoices
Simple Invoices is an open source, free web-based invoicing system. Three cross-site request forgery vulnerabilities exist in Simple Invoices version 2013.1.beta.8. A remote attacker can use these vulnerabilities to create a new administrator user account and take control of the entire applicatio...