Vulnerabilities > Boonex > Dolphin > 7.1.4

DATE CVE VULNERABILITY TITLE RISK
2014-06-19 CVE-2014-4333 Cross-Site Request Forgery (CSRF) vulnerability in Boonex Dolphin
Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810.
network
boonex CWE-352
6.8
6.8
2014-06-19 CVE-2014-3810 SQL Injection vulnerability in Boonex Dolphin
SQL injection vulnerability in administration/profiles.php in BoonEx Dolphin 7.1.4 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the members[] parameter.
network
low complexity
boonex CWE-89
6.5
6.5