2 matches found
CVE-2008-4448
Cross-site request forgery CSRF vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the 1 overkill, 2 futils, or 3 edit actions...
CVE-2008-4448
CVE-2008-4448 describes a CSRF vulnerability in actions.php of Positive Software H-Sphere WebShell 4.3.10. An attacker can induce an admin to perform unauthorized actions by visiting a crafted link or IMG tag targeting (1) overkill, (2) futils, or (3) edit actions, effectively enabling file delet...