Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Conference Systems 2.3.4 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that upload a PHP file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
public knowledge project open conference systems 2.0 |
||
public knowledge project open conference systems 1.1.7 |
||
public knowledge project open conference systems 1.1.6 |
||
public knowledge project open conference systems 1.1.5 |
||
public knowledge project open conference systems 2.3.1 |
||
public knowledge project open conference systems 2.3 |
||
public knowledge project open conference systems 2.1.2-1 |
||
public knowledge project open conference systems 2.1.2 |
||
public knowledge project open conference systems 2.1.1.-2 |
||
public knowledge project open conference systems 1.1 |
||
public knowledge project open conference systems 1.0 |
||
public knowledge project open conference systems |
||
public knowledge project open conference systems 2.3.3 |
||
public knowledge project open conference systems 2.1.1-1 |
||
public knowledge project open conference systems 2.1.0-1 |
||
public knowledge project open conference systems 1.1.3 |
||
public knowledge project open conference systems 1.1.1 |
||
public knowledge project open conference systems 2.3.3-1 |
||
public knowledge project open conference systems 2.3.2 |
||
public knowledge project open conference systems 2.1.1 |
||
public knowledge project open conference systems 2.1 |
||
public knowledge project open conference systems 1.1.4 |
||
public knowledge project open conference systems 1.1.2 |