Lucene search
MitreCVELIST:CVE-2014-5335HistoryAug 25, 2014 - 4:00 p.m.
CVE-2014-5335
2014-08-2516:00:00
mitre
www.cve.org
3
Multiple cross-site request forgery (CSRF) vulnerabilities in innovaphone PBX 10.00 sr11 and earlier allow remote attackers to hijack the authentication of administrators for requests that modify configurations or user accounts, as demonstrated by (1) changing the administrator password via a crafted request to CMD0/mod_cmd.xml or (2) adding a new SIP user via a crafted request to PBX0/ADMIN/mod_cmd_login.xml.
Related
exploitdb
exploitdb
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery
2014-08-25 00:00:00
nvd
nvd
CVE-2014-5335
2014-08-25 16:55:03
cve
cve
CVE-2014-5335
2014-08-25 16:55:03
packetstorm
packetstorm
Innovaphone PBX Cross Site Request Forgery
2014-08-22 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-08-25 16:55:00
securityvulns
securityvulns
[CVE-2014-5335] CSRF in Innovaphone PBX
2014-08-26 00:00:00
exploitpack
exploitpack
Innovaphone PBX Admin-GUI - Cross-Site Request Forgery
2014-08-25 00:00:00
zdt
zdt
Innovaphone PBX Cross Site Request Forgery Vulnerability
2014-08-22 00:00:00
Innovaphone PBX Admin-GUI - CSRF Vulnerability
2014-08-26 00:00:00
seebug
seebug
Innovaphone PBX Admin-GUI - CSRF Vulnerability
2014-08-26 00:00:00