3 matches found
CVE-2013-7334
Cross-site request forgery CSRF vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q parameter, related to CVE-2012-6290...
CVE-2013-7334
ImageCMS before 4.2 is affected by a CSRF vulnerability that can be leveraged to perform SQL injection via the q parameter in admin/admin_search/, enabling remote attackers to execute arbitrary SQL commands after hijacking administrator sessions. This issue is related to CVE-2012-6290. Evidence f...
CVE-2013-7334
Cross-site request forgery CSRF vulnerability in ImageCMS before 4.2 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the q parameter, related to CVE-2012-6290...