Bi0

**Name of the Vulnerable Software and Affected Versions** Acc PHP eMail version 1.1 **Description** A cross-site request forgery issue exists, allowing remote attackers to hijack administrator authentication for password change requests. **Recommendations** For Acc PHP eMail version 1.1, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Ad Manager Pro versions 3.0 **Description** A cross-site request forgery issue allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an `admin created` action in the administration/admins.php file. **Recommendations** For version 3.0, consider disabling the `admin created` action in the administration/admins.php file as a temporary workaround until a patch is available. Restrict access to the administration/admins.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Link Up Gold version 5.0 **Description** A cross-site request forgery issue exists, allowing remote attackers to hijack administrator authentication for requests that create administrative accounts. **Recommendations** For version 5.0, update to a version that includes a fix for this issue, as no specific workaround is provided for this version.