2 matches found
CVE-2021-30147
DMA Softlab Radius Manager 4.4.0 is vulnerable to Cross-Site Request Forgery (CSRF), which can allow an attacker to add new manager accounts via admin.php. The issue is documented in multiple sources (e.g., CVE-2021-30147 entries and related CSRF disclosures). Affected component is the Radius Man...
CVE-2010-4275
Radius Manager 3.8.0 is affected by multiple stored XSS vulnerabilities. The issue arises in the admin.php actions update_usergroup and store_nas, where unsanitized inputs for name/descr can inject arbitrary script/HTML. Exploitation requires an authenticated administrator; impact is limited to t...