Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 up to and including 0.1.4 allow remote malicious users to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bulbsecurity smartphone pentest framework 0.1.4 |
||
bulbsecurity smartphone pentest framework 0.1.2 |
||
bulbsecurity smartphone pentest framework 0.1.3 |