Lucene search

10 matches found

seebug.org
added 2014/07/01 12:0 a.m., 11 views

Flyspray 0.9.9.6 CSRF Vulnerability

No description provided by source. Exploit Title: Flyspray 0.9.9.6 CSRF Vulnerability Date: 06 Feb 2012 Author: Vaibhav Gupta Software Link: http://flyspray.org/flyspray-0.9.9.6.zip Version: 0.9.9.6 +---+CSRF Add Admin Account after authentication+---+ html body...

AI score: 7.1
Exploits: 0

CVE
added 2012/02/14 12:0 a.m., 33 views

CVE-2012-1058

Summary: CVE-2012-1058 is a CSRF vulnerability in Flyspray 0.9.9.6 that allows remote attackers to hijack admin authentication by triggering admin.newuser actions on index.php to add new admin accounts. What is affected: Flyspray 0.9.9.6. The connected documents describe the vulnerability as CSRF...

CVSS: 6 | AI score: 7.3 | EPSS: 0.00283
Exploits: 1 | References: 5 | Affected Software: 1

exploitpack
added 2012/02/07 12:0 a.m., 7 views

Flyspray 0.9.9.6 - Cross-Site Request Forgery

Flyspray 0.9.9.6 - Cross-Site Request Forgery Exploit Title: Flyspray 0.9.9.6 CSRF Vulnerability Date: 06 Feb 2012 Author: Vaibhav Gupta Software Link: http://flyspray.org/flyspray-0.9.9.6.zip Version: 0.9.9.6 +---+CSRF Add Admin Account after authentication+---+ CSRF Exploit to add ADMIN account...

AI score: 1
Exploits: 0

Packet Storm
added 2012/02/07 12:0 a.m., 15 views

Flyspray 0.9.9.6 Cross Site Request Forgery

Exploit Title: Flyspray 0.9.9.6 CSRF Vulnerability Date: 06 Feb 2012 Author: Vaibhav Gupta Software Link: http://flyspray.org/flyspray-0.9.9.6.zip Version: 0.9.9.6 +---+CSRF Add Admin Account after authentication+---+ CSRF Exploit to add ADMIN account...

AI score: 0.8
Exploits: 0

Prion
added 2007/06/26 11:30 p.m., 9 views

Cross site request forgery (csrf)

Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2) profiles, (3) IP bans, and (4) forums in (a) web-app.org WebAPP 0.8 through 0.9.9.6; and (b) web-app.net WebAPP 0.9.9.3.3, 0.9.9.3.4, and 2007; allow remote attackers to perform deletions as administrators...

CVSS: 5 | AI score: 7.6 | EPSS: 0.00156
Exploits: 0 | References: 4 | Affected Software: 1

Prion
added 2007/04/03 12:19 a.m., 15 views

Code injection

Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to copying...

CVSS: 4.3 | AI score: 7.3 | EPSS: 0.00335
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2007/04/03 12:19 a.m., 12 views

CVE-2007-1830

Unspecified vulnerability in the Username Hijacking Patch 20070312 for web-app.org WebAPP 0.9.9.6 allows remote attackers to obtain administrative access via unknown vectors, related to "something overlooked in the original that was still overlooked in the patch", and possibly related to copying...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.00335
Exploits: 0 | References: 3

Cvelist
added 2007/04/03 12:0 a.m., 16 views

CVE-2007-1831

web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to open files and write "wrong data" via a crafted QUERYSTRING...

AI score: 6.2 | EPSS: 0.01392
Exploits: 0 | References: 6

Cvelist
added 2007/04/03 12:0 a.m., 20 views

CVE-2007-1828

Multiple cross-site scripting (XSS) vulnerabilities in web-app.org WebAPP before 0.9.9.6 allow remote authenticated users to inject arbitrary web script or HTML via (1) the QUERYSTRING corresponding to drop downs or (2) various forms...

AI score: 5.4 | EPSS: 0.00371
Exploits: 0 | References: 7

Cvelist
added 2007/04/03 12:0 a.m., 17 views

CVE-2007-1832

web-app.org WebAPP before 0.9.9.6 allows remote authenticated users to upload certain files (1) via a crafted filename or (2) by "using percent encoding in forms."...

AI score: 6.2 | EPSS: 0.00427
Exploits: 0 | References: 5