SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit

Summary SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Description The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be...

Invoice Manager 3.1 - Cross-Site Request Forgery (Add Admin)

Invoice Manager 3.1 - Cross-Site Request Forgery Add Admin ======================================================== Invoice Manager v3.1 Cross site request forgery Add Admin Description : Invoice Manager v3.1 is vulnerable to CSRF attack No CSRF token in place which if an admin user can be tricke...

Cross site request forgery (csrf)

In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...

Mailcow 0.14 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications + Credits: John Page a.k.a hyp3rlinx Vendor: ============= mailcow.email mailcow.github.io Product: =========== The integrated mailcow UI allows administrative work on your mail server instance as well as separated domain administrator and...

Mailcow 0.14 - Cross-Site Request Forgery

Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MAILCOW-v0.14-CSRF-PASSWORD-RESET-ADD-ADMIN.txt + ISR: ApparitionSec Vendor: ============= mailcow.email mailcow.github.io Product: =========== The integrated mailcow UI...

SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit

Exploit for windows platform in category web applications SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with w...

SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit

Summary SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Description The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be...

SonicDICOM PACS 2.3.2 - Cross-Site Request Forgery (Add Admin)

SonicDICOM PACS 2.3.2 CSRF Add Admin Exploit Vendor: JIUN Corporation Product web page: https://www.sonicdicom.com Affected version: 2.3.2 and 2.3.1 Summary: SonicDICOM is PACS software that combines the capabilities of DICOM Server with web browser based DICOM Viewer. Desc: The application...

Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: AlstraSoft FMyLife Pro v1.02 Script - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.alstrasoft.com/ Software Buy: http://www.alstrasoft.com/fmylife-pro.htm Demo:...

Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin)

Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery Add Admin Exploit Title: AlstraSoft FMyLife Pro v1.02 Script - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.alstrasoft.com/ Software Buy: http://www.alstrasoft.com/fmylife-pro.htm Demo:...

Alstrasoft Flippa Clone MarketPlace Script 4.10 - Cross-Site Request Forgery (Add Admin)

Alstrasoft Flippa Clone MarketPlace Script 4.10 - Cross-Site Request Forgery Add Admin Exploit Title: AlstraSoft Flippa Clone MarketPlace v4.10 Script - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.alstrasoft.com/ Software Buy:...

Alstrasoft Flippa Clone MarketPlace Script 4.10 - Cross-Site Request Forgery (Add Admin) Vulnerabili

Exploit for php platform in category web applications Exploit Title: AlstraSoft Flippa Clone MarketPlace v4.10 Script - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.alstrasoft.com/ Software Buy:...

Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin)

Exploit Title: AlstraSoft FMyLife Pro v1.02 Script - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.alstrasoft.com/ Software Buy: http://www.alstrasoft.com/fmylife-pro.htm Demo: http://www.tellaboutit.com/ Version: 1.02 Tested on: Win7 x64, Kali...

Alstrasoft Flippa Clone MarketPlace Script 4.10 - Cross-Site Request Forgery (Add Admin)

Exploit Title: AlstraSoft Flippa Clone MarketPlace v4.10 Script - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 04.02.2017 Vendor Homepage: http://www.alstrasoft.com/ Software Buy: http://www.alstrasoft.com/flippa-clone-marketplace.htm Demo: http://www.revou.com/flippa/ Version: 4.1...

FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin) Vulnerability

Exploit for php platform in category web applications Vulnerability: Add Admin Exploit Add/Edit/Delete/ Category, Admin Vs... Google Dork: FMyLife Clone Script Date:10.01.2017 Vendor Homepage: http://alstrasoft.com/fmylife-pro.htm Tested on: http://www.tellaboutit.com/admin/ Script Name: FMyLife...

FMyLife Clone Script Pro Edition 1.1 Cross Site Request Forgery

Vulnerability: Add Admin Exploit Add/Edit/Delete/ Category, Admin Vs... Google Dork: FMyLife Clone Script Date:10.01.2017 Vendor Homepage: http://alstrasoft.com/fmylife-pro.htm Tested on: http://www.tellaboutit.com/admin/ Script Name: FMyLife Clone Script Pro Edition Script Version: 1.1 Script Bu...

FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)

FMyLife Clone Script Pro Edition 1.1 - Cross-Site Request Forgery Add Admin Vulnerability: Add Admin Exploit Add/Edit/Delete/ Category, Admin Vs... Google Dork: FMyLife Clone Script Date:10.01.2017 Vendor Homepage: http://alstrasoft.com/fmylife-pro.htm Script Name: FMyLife Clone Script Pro Editio...

FMyLife Clone Script (Pro Edition) 1.1 - Cross-Site Request Forgery (Add Admin)

Vulnerability: Add Admin Exploit Add/Edit/Delete/ Category, Admin Vs... Google Dork: FMyLife Clone Script Date:10.01.2017 Vendor Homepage: http://alstrasoft.com/fmylife-pro.htm Script Name: FMyLife Clone Script Pro Edition Script Version: 1.1 Script Buy Now:...

ARG-W4 ADSL Router - Multiple Vulnerabilities

Exploit for hardware platform in category web applications Exploit Title: ARG-W4 ADSL Router - Multiple Vulnerabilities Date: 2016-12-11 Exploit Author: Persian Hack Team Discovered by : Mojtaba MobhaM Tested on: Windows AND Linux Exploit Demo : http://persian-team.ir/showthread.php?tid=196 1 -...

ARG-W4 ADSL Router - Multiple Vulnerabilities

Exploit Title: ARG-W4 ADSL Router - Multiple Vulnerabilities Date: 2016-12-11 Exploit Author: Persian Hack Team Discovered by : Mojtaba MobhaM Tested on: Windows AND Linux Exploit Demo : http://persian-team.ir/showthread.php?tid=196 1 - Denial of Service !/usr/bin/python import urllib2 import...