4 matches found
CVE-2021-41074
A CSRF issue in index.php in QloApps hotel eCommerce 1.5.1 allows an attacker to change the admin's email address via a crafted HTML document...
EUVD-2021-28225
A CSRF issue in index.php in QloApps hotel eCommerce 1.5.1 allows an attacker to change the admin's email address via a crafted HTML document...
CVE-2021-41074
A CSRF issue in index.php in QloApps hotel eCommerce 1.5.1 allows an attacker to change the admin's email address via a crafted HTML document...
CVE-2021-41074
CVE-2021-41074 – QloApps hotel eCommerce 1.5.1 CSRF in index.php : A crafted HTML document can cause change of the administrator’s email address. This is a Cross-Site Request Forgery issue in the index.php file of QloApps 1.5.1. Public sources in the connected documents confirm the vulnerability ...