CVE-2012-2629

Multiple cross-site request forgery CSRF and cross-site scripting XSS vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 add an administrator account via an addnew action to admin/administratorsadd.php; or 2 conduct...