phpATM 1.32 Cross Site Request Forgery / Path Disclosure phpATM versions 1.32 and below suffers from cross site request forgery and path disclosure vulnerabilities. Leave a ReplyYou must be logged in to post a comment. Filed under: exploit - @ June 18, 2016 11:06 pm