5 matches found
CVE-2014-4333
Cross-site request forgery CSRF vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members parameter, related to CVE-2014-3810...
CVE-2014-3810
SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the members parameter. NOTE: this can be exploited by remote attackers by leveraging CVE-2014-4333...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members parameter, related to CVE-2014-3810...
CVE-2014-4333
Cross-site request forgery CSRF vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members parameter, related to CVE-2014-3810...
CVE-2014-4333
BoonEx Dolphin 7.1.4 and earlier contains a CSRF vulnerability in administration/profiles.php that enables remote attackers to hijack administrator sessions for requests that trigger an SQL injection via the members[] parameter. The issue is related to CVE-2014-3810, which confirms an SQL injecti...