CVE-2012-6434

Multiple cross-site request forgery CSRF vulnerabilities in e107admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the 1 downloadurl, 2 downloadurlextended, 3 downloadauthoremail, 4...