2 matches found
CVE-2015-2142
Multiple cross-site request forgery CSRF vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote authenticated users to 1 hijack the authentication of users for requests that cause an unspecified impact via the id parameter to project.php, 2 hijack the authentication of users for...
CVE-2015-2142
Issuetracker phpBugTracker, versions prior to 1.7.0, contains multiple CSRF vulnerabilities that allow remote authenticated users to hijack authentication of other users via various parameter tampering (id, group_id, status_id, severity_id, priority_id, os_id, database_id, site_id) across project...