CVE-2010-2007

CVE-2010-2007 describes multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and earlier. The issues allow remote attackers to hijack administrator authentication for requests to specific endpoints: op/op.EditUserData.php, op/op.UsrMgr.php, out/out.RemoveVe...