Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators or requests that (1) add an admin account via a request to filepath/yonetim/plugin/adminsave.php or have unspecified impact via a request to (2) ayarsave.php, (3) uyesave.php, (4) slaytadd.php, or (5) slaytsave.php.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Phpscriptlerim |
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2014-8780 | Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators or requests that (1) add an admin account via a request to filepath/yonetim/plugin/adminsave.php or have unspecified impact via a request to (2) ayarsave.php, (3) uyesave.php, (4) slaytadd.php, or (5) slaytsave.php. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-06T13:33:12.620Z
Reserved: 2014-11-17T00:00:00
Link: CVE-2014-8953
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2014-11-17T16:59:09.603
Modified: 2025-04-12T10:46:40.837
Link: CVE-2014-8953
Redhat
No data.
OpenCVE Enrichment
No data.