MidnightBSD

Advisories for savsoft_technologies

CVE-2014-100025 MEDIUM

Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
savsoft_technologies savsoft_quiz -