2 matches found
CVE-2013-7352
CVE-2013-7352/2945 describe a CSRF-enabled SQL injection in b2evolution and its admin.php show_statuses[] parameter, affecting installations before 4.1.7. The issue allows remote (via CSRF) authenticated admins to run arbitrary SQL commands, potentially hijacking admin actions. Affected product: ...
PayPal Inc BB #61 - Persistent Mail Encoding Vulnerability
Document Title: =============== PayPal Inc BB 61 - Persistent Mail Encoding Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=846 PayPal Security UID: bzbe1he Release Date: ============= 2013-10-15 Vulnerability Laboratory ID VL-ID:...