Description
Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810.
Remediation
References
Related Vulnerabilities
RubyGems Improper Authentication Vulnerability (CVE-2022-36073)
WordPress Plugin ActiveCampaign-Forms, Site Tracking, Live Chat Cross-Site Request Forgery (8.0.1)
PHP Numeric Errors Vulnerability (CVE-2010-4409)
WebLogic Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2021-21347)
WordPress Cryptographic Issues Vulnerability (CVE-2009-3622)