3 matches found
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Openfiler 2.99.1 allow remote attackers to hijack the authentication of administrators for requests that 1 shutdown or 2 reboot the server via a request to admin/systemshutdown.html...
CVE-2014-7190
Openfiler 2.99.1 is affected by multiple CSRF vulnerabilities that allow remote attackers to hijack administrator sessions and trigger shutdown or reboot via a request to admin/system_shutdown.html. The underlying issue is CSRF in the admin interface that permits state-changing actions without pr...
OpenFiler 2.99.1 - Cross-Site Request Forgery
DoS...