Cross-site request forgery (CSRF) vulnerability in admin/settings.php in IPN Pro 3 1.44 and previous versions allows remote malicious users to change the admin password via a logout action in conjunction with the admin_id, newpass_1, and newpass_2 parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ipn-mate ipn pro 3 |