Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote malicious users to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settings[] parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dclassifieds dclassifieds 0.1 |