Description
Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810.
Remediation
References
Related Vulnerabilities
Joomla Improper Input Validation Vulnerability (CVE-2016-8869)
WordPress Plugin ProPlayer 'pp_playlist_id' Parameter SQL Injection (4.7.7)
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.2)
MySQL CVE-2018-3145 Vulnerability (CVE-2018-3145)
WordPress Plugin cdnvote 'cdnvote-post.php' Multiple SQL Injection Vulnerabilities (0.4.1)