Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:phpscriptlerim:php_scriptlerim_who\'s_who:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-8953 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators or requests that (1) add an admin account via a request to filepath/yonetim/plugin/adminsave.php or have unspecified impact via a request to (2) ayarsave.php, (3) uyesave.php, (4) slaytadd.php, or (5) slaytsave.php. Published: November 17, 2014; 11:59:09 AM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |