Vulnerabilities > Boonex > Dolphin > 7.1.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-06-19 | CVE-2014-4333 | Cross-Site Request Forgery (CSRF) vulnerability in Boonex Dolphin Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810. | 6.8 |
2014-06-19 | CVE-2014-3810 | SQL Injection vulnerability in Boonex Dolphin SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the members[] parameter. | 6.5 |