3 matches found
CVE-2015-1559
Multiple cross-site request forgery CSRF vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication of administrators for requests that 1 delete modules via the deletemodule parameter, 2 deactivate...
CVE-2015-1559
CVE-2015-1559 affects Epignosis eFront Open Source Edition up to version 3.6.15.3 build 18022, where multiple CSRF vulnerabilities in administrator.php allow an attacker to hijack administrator sessions and perform actions such as deleting/modifying modules, users, themes, events, language settin...
eFront 3.6.14.4 (surname param) - Persistent XSS Vulnerability
Exploit for php platform in category web applications Exploit Title: Persistent Cross Site Scripting Vulnerability in eFront 3.6.14.4 Date: 05 June 2014 Exploit Author: shyamkumar somana Vendor Homepage: http://www.efrontlearning.net Software Link:...