4 matches found
Innovaphone PBX Admin-GUI - CSRF Vulnerability
Exploit for multiple platform in category web applications Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX...
CVE-2014-5335
CVE-2014-5335 concerns CSRF in the Innovaphone PBX Admin-GUI. The issue affects all known versions up to 10.00 sr11, where an authenticated administrator could be targeted to modify configurations or user data via forged requests without proper origin checks. Documentation provides concrete attac...
CVE-2014-5335
Multiple cross-site request forgery CSRF vulnerabilities in innovaphone PBX 10.00 sr11 and earlier allow remote attackers to hijack the authentication of administrators for requests that modify configurations or user accounts, as demonstrated by 1 changing the administrator password via a crafted...
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery Title: Innovaphone PBX Admin-GUI CSRF Impact: High CVSS2 Score: 7.8 AV:N/AC:M/Au:S/C:P/I:C/A:C/E:F/RL:U/RC:C Announced: August 21, 2014 Reporter: Rainer Giedat NSIDE ATTACK LOGIC GmbH, www.nsideattacklogic.de Products: Innovaphone PBX...