4 matches found
CVE-2020-10218
A Blind SQL Injection issue was discovered in Sapplica Sentrifugo 3.2 via the index.php/holidaygroups/add id parameter because of the HolidaydatesController.php addAction function...
GHSA-RRMF-FPMM-JPWR ViMbAdmin CSRF Vulnerabilities
Multiple cross-site request forgery CSRF vulnerabilities in the addAction and purgeAction functions in ViMbAdmin 3.0.15 allow remote attackers to hijack the authentication of logged administrators to 1. add an administrator user via a crafted POST request to...
ViMbAdmin CSRF Vulnerabilities
Multiple cross-site request forgery CSRF vulnerabilities in the addAction and purgeAction functions in ViMbAdmin 3.0.15 allow remote attackers to hijack the authentication of logged administrators to 1. add an administrator user via a crafted POST request to...
Multiple Cross-site Request Forgery(CSRF) Vulnerabilities
opensolutions/vimbadmin is susceptible to multiple cross-site request forgery CSRF vulnerabilities. The vulnerabilities are possible because of flaws in the addAction method in the DomainController, MailboxController, ArchiveController and AliasController files and the purgeAction method in the...