2 matches found
CVE-2008-5567
CVE-2008-5567 is a CSRF vulnerability affecting Bonza Cart 1.10 and earlier in the admin/ad_settings.php endpoint. The root cause is an unauthorized cross-site request that can change the admin password when a user is logged in and a logout action is triggered with parameters NewAdmin, NewPass1, ...
CVE-2008-5567
Cross-site request forgery CSRF vulnerability in admin/adsettings.php in Bonza Cart 1.10 and earlier allows remote attackers to change the admin password via a logout action in conjunction with the NewAdmin, NewPass1, and NewPass2 parameters...