7 matches found
SOPlanning 1.52.00 Cross Site Request Forgery
/ !-- Update the following field to change the admins password to the...
SOPlanning 1.52.00 Cross Site Request Forgery Vulnerability
/...
Cross site request forgery (csrf)
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajaxserver.php...
CVE-2020-9266
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajaxserver.php...
CVE-2020-9266
SOPlanning 1.45 is affected by a Cross-Site Request Forgery (CSRF) vulnerability that lets an attacker arbitrarily change the administrator password via the endpoint process/xajax_server.php. The underlying issue is a CSRF in the admin password change flow; this is documented across multiple sour...
CVE-2020-9267
CVE-2020-9267 affects SOPlanning 1.45, where a CSRF flaw in process/xajax_server.php allows an attacker to create arbitrary user accounts. The vulnerability is documented across multiple sources (NVD, Red Hat, CNVD, CVE.org) with consistent details that the issue is a CSRF risk in the SOPlanning ...
CVE-2020-9267
SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajaxserver.php...