Vulnerabilities > Globiz Solutions
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-12-08 | CVE-2014-9344 | Cross-Site Request Forgery (CSRF) vulnerability in Globiz Solutions Snowfox Content Management System 1.0 Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/. | 6.8 |
2014-12-08 | CVE-2014-9343 | Remote Security vulnerability in Globiz Solutions Snowfox Content Management System 1.0 Open redirect vulnerability in modules/system/controller/selectlanguage.class.php in Snowfox CMS 1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the rd parameter in a submit action to snowfox/. network globiz-solutions | 5.8 |