3 matches found
CVE-2017-11679
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...
CVE-2017-11679
CVE-2017-11679 describes a CSRF in Hashtopus 1.5g where an attacker can trigger actions via the password parameter to admin.php in an a=config action. The connected records confirm the vulnerability exists in Hashtopus 1.5g and identify the vulnerable parameter and endpoint, but they do not provi...
CVE-2017-11679
Cross-Site Request Forgery CSRF exists in Hashtopus 1.5g via the password parameter to admin.php in an a=config action...