3 matches found
CVE-2021-30147
DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php...
Cross site scripting
DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...
CVE-2021-29012
DMA Softlab Radius Manager 4.4.0 suffers a session-management flaw where the same admin session cookie is issued to all admin sessions. The cookie remains valid while logged in but is temporarily invalid when logged out, effectively acting as a static password and enabling permanent access if sto...