CSRF Vulnerability in VR GPub 4.0 Allows Remote Admin Account Hijacking

CSRF Vulnerability in VR GPub 4.0 Allows Remote Admin Account Hijacking

CVE-2012-5005 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in admin/admin_options.php in VR GPub 4.0 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an add action.

Learn more about our Web Application Penetration Testing UK.