2 matches found
CVE-2012-1416
Multiple cross-site request forgery CSRF vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that 1 add administrator accounts via a membernew action to myadmin/admin1members.php or 2 modify the default site title via a save action...
CVE-2012-1416
The CVE-2012-1416 entry concerns CSRF flaws in SocialCMS 1.0.2 that allow an attacker to hijack administrator sessions by triggering (1) member_new to create admin accounts or (2) saving a new site title via admin interfaces. Affected software: SocialCMS 1.0.2; impact described as unauthorized ad...