Share:

CVE-2019-16059 - Sapplica Sentrifugo

September 6, 2019

Critical 8.8

Sentrifugo 3.2 lacks CSRF protection. This could lead to an attacker tricking the administrator into executing arbitrary code at index.php/dashboard/viewprofile via a crafted HTML page.

Affected software

Sapplica Sentrifugo

Reference links

https://www.sevenlayers.com/index.php/246-sentrifugo-3-2-csrf

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.