CVE-2014-9101
CVE-2014-9101 affects Oxwall 1.7.0 (build 7907/7906) and SkaDate Lite 2.0 (build 7651) with multiple CSRF vulnerabilities enabling possible admin session hijack and related XSS via POST parameters (e.g., label in admin/users/roles/, lang[...] in AddAccountType, qst_name in addQuestion, form_name ...