3 matches found
CVE-2014-2916
Cross-site request forgery CSRF vulnerability in the subscription page editor spageedit in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a request to admin/...
CVE-2014-2916
Cross-site request forgery CSRF vulnerability in the subscription page editor spageedit in phpList before 3.0.6 allows remote attackers to hijack the authentication of administrators via a request to admin/...
CVE-2014-2916
CVE-2014-2916 affects phpList’s subscription page editor (spageedit) up to version 3.0.6. The issue is a Cross-site request forgery (CSRF) that enables an attacker to hijack an administrator’s session via a request to admin/. The vulnerability is triggered through authenticated admin actions, ena...