Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that change account information via an update action, as demonstrated by changing the password.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
devincentiis gazie 5.17 |
||
devincentiis gazie 5.16 |
||
devincentiis gazie 5.9 |
||
devincentiis gazie 5.8 |
||
devincentiis gazie 5.1 |
||
devincentiis gazie 5.0 |
||
devincentiis gazie 4.0.6 |
||
devincentiis gazie 4.0.5 |
||
devincentiis gazie 3.0.10 |
||
devincentiis gazie 3.0.9 |
||
devincentiis gazie 3.0.2 |
||
devincentiis gazie 3.0.1 |
||
devincentiis gazie 2.0.9 |
||
devincentiis gazie 2.0.8 |
||
devincentiis gazie 5.15 |
||
devincentiis gazie 5.14 |
||
devincentiis gazie 5.7 |
||
devincentiis gazie 5.6 |
||
devincentiis gazie 4.0.13 |
||
devincentiis gazie 4.0.12 |
||
devincentiis gazie 4.0.4 |
||
devincentiis gazie 4.0.3 |
||
devincentiis gazie 3.0.8 |
||
devincentiis gazie 3.0.7 |
||
devincentiis gazie 3.0.0 |
||
devincentiis gazie 2.0.15 |
||
devincentiis gazie 2.0.7 |
||
devincentiis gazie |
||
devincentiis gazie 5.19 |
||
devincentiis gazie 5.18 |
||
devincentiis gazie 5.11 |
||
devincentiis gazie 5.10 |
||
devincentiis gazie 5.3 |
||
devincentiis gazie 5.2 |
||
devincentiis gazie 4.0.8 |
||
devincentiis gazie 4.0.7 |
||
devincentiis gazie 3.0.12 |
||
devincentiis gazie 3.0.11 |
||
devincentiis gazie 3.0.4 |
||
devincentiis gazie 3.0.3 |
||
devincentiis gazie 2.0.11 |
||
devincentiis gazie 2.0.10 |
||
devincentiis gazie 5.13 |
||
devincentiis gazie 5.12 |
||
devincentiis gazie 5.5 |
||
devincentiis gazie 5.4 |
||
devincentiis gazie 4.0.11 |
||
devincentiis gazie 4.0.10 |
||
devincentiis gazie 4.0.9 |
||
devincentiis gazie 4.0.2 |
||
devincentiis gazie 4.0.1 |
||
devincentiis gazie 3.0.6 |
||
devincentiis gazie 3.0.5 |
||
devincentiis gazie 2.0.14 |
||
devincentiis gazie 2.0.13 |
||
devincentiis gazie 2.0.12 |
Vulmon