2 matches found
MK-AUTH Cross-Site Request Forgery Vulnerability
MK-AUTH is an access control system developed by Pedro Filho, an individual developer in Brazil. A cross-site request forgery vulnerability exists in MK-AUTH through version 19.01 K4.9, which allows passwords to be changed via the central executor central.php. No details of the vulnerability are...
MK-AUTH cross-site scripting vulnerability (CNVD-2021-17430)
MK-AUTH is an access control system from the Brazilian software developer Pedro Filho. A cross-site scripting vulnerability exists in the admin and client scripts in MK-AUTH version 19.01, which can be exploited by an attacker to execute arbitrary JavaScript code...