1349 matches found
Fedora 19 : mediawiki-1.21.8-1.fc19 (2014-4511)
bug 62497 SECURITY: Add CSRF token on Special:ChangePassword. - bug 62467 Set a title for the context during import on the cli. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...
Khan Academy: CSRF - Adding/Removing items to cart - shop.khanacademy.org
Hi there, I've discovered a possiblity to remove/add items to a users' cart at shop.khanacademy.org. Details - Host: shop.khanacademy.org - URL: http://shop.khanacademy.org/cart - Affected parameters: updatesPRODUCTID Steps to reproduce - 1. Visit http://shop.khanacademy.org/cart and empty your...
Katello (Red Hat Satellite) users/update_roles Missing Authorization
This Metasploit module exploits a missing authorization vulnerability in the "updateroles" action of "users" controller of Katello and Red Hat Satellite Katello 1.5.0-14 and earlier by changing the specified account to an administrator account. This module requires Metasploit:...
LifeSize UVC Authenticated Remote Command Execution
When authenticated as an administrator on LifeSize UVC 1.2.6, an attacker can abuse the ping diagnostic functionality to achieve remote command execution as the www-data user or equivalent. This module requires Metasploit: http//metasploit.com/download Current source:...
OkCupid: https://www.okcupid.com/hidden-users CSRF vulnerability.
Hi, The html code below : Will make it possible to hide an user.. You can patch this by supplying a CSRF token : Best regards, Olivier Beg...
Phabricator: CSRF token valid even after the session logout of a particular user
Hi, To reproduce the issue: 1 Login to your https://secure.phabricator.com account and copy your Anti CSRF token. 2 Now logout and again login after sometime. 3 Open up your burp suite to modify the request and now submit any form with your old CSRF token. The request will be completed. So let's...
Slack: State parameter missing on google OAuth
Hi, State parameter i.e anti-csrf token to prevent session hijacking attacks is missing on Google OAuth i.e...
WHMCS 5.2.7 – SQL Injection Vulnerability-vulnerability warning-the black bar safety net
Vulnerability file /includes/dbfunctions.php: ? php function updatequery$table, $array, $where ... if substr$value, 0, 1 1 == 'AESENCRYPT' $query .= $value.','; continue; ... $result = mysqlquery$query, $whmcsmysql; ?& gt; EXP: !/ usr/bin/env python 2013/10/03 - WHMCS 5.2.7 SQL Injection...
FortiOS 5.0.5 Cross Site Scripting
I. VULNERABILITY ------------------------- Reflected XSS Attacks vulnerabilities in FortiOS 5.0.5 II. BACKGROUND ------------------------- Fortinet's industry-leading, Network Security Platforms deliver Next Generation Firewall NGFW security with exceptional throughput, ultra low latency, and...
Joomla! JomSocial component < 3.1.0.1 - Remote code execution
------------------------------------------------------------- Joomla! JomSocial component 3.1.0.1 - Remote code execution ------------------------------------------------------------- == Description == - Software link: http://www.jomsocial.com/ - Affected versions: All versions = 2.6 and 3.1.0.1...
CVE-2013-2628
Multiple cross-site request forgery CSRF vulnerabilities in action.php in Leed Light Feed, possibly before 1.5 Stable, allow remote attackers to hijack the authentication of administrators for unspecified requests, related to the lack of an anti-CSRF token...
CVE-2013-2628
Leed (Light Feed) contains CSRF vulnerabilities in action.php (CVE-2013-2628), likely present before 1.5 Stable. The issue arises from missing anti-CSRF tokens, allowing an attacker to perform actions as a logged-in administrator by inducing the admin to visit a malicious link or site. The CSNC a...
HP Operations Orchestration Central 9.06 Cross Site Scripting
Name: XSS in HP Operations Orchestration Central version 9.06 Systems Affected: HP Operations Orchestration version 9.06 Severity: High Vendor: Hewlett-Packard References: CVE-2013-6191, CVE-2013-6192, SSRT101342 Author: Bart Leppens Date: 20130919 I. BACKGROUND HP Operations Orchestration HP OO ...
Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities
Sagemcom F@st 3184 2.1.11 - Multiple Vulnerabilities +------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the...
HOTBOX 2.1.11 CSRF / Traversal / Denial Of Service
HOTBOX router/modem version 2.1.11 suffers from cross site request forgery, denial of service, script injection, and directory traversal vulnerabilities. Denial of service and cross site request forgery proof of concepts included...
HOTBOX 2.1.11 CSRF / Traversal / Denial Of Service
+------------------------------------------------------------------------------+ | HOTBOX is the leading router/modem appliance of | | HOT Cable communication company in israel. | | The Appliance is manufactured by SAGEMCOM | | and carries the model name F@st 3184. |...
CVE-2013-4302
1 ApiBlock.php, 2 ApiCreateAccount.php, 3 ApiLogin.php, 4 ApiMain.php, 5 ApiQueryDeletedrevs.php, 6 ApiTokens.php, and 7 ApiUnblock.php in includes/api/ in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allow remote attackers to obtain CSRF tokens and bypass the...
WHMCS 5.2.7 - SQL Injection Exploit
Exploit for php platform in category web applications !/usr/bin/env python 2013/10/03 - WHMCS 5.2.7 SQL Injection http://localhost.re/p/whmcs-527-vulnerability url = 'http://clients.target.com/' wopsie dopsie useremail = 'email protected' just create a dummie account at /register.php userpwd =...
WHMCS 5.2.7 SQL Injection
!/usr/bin/env python 2013/10/03 - WHMCS 5.2.7 SQL Injection http://localhost.re/p/whmcs-527-vulnerability url = 'http://clients.target.com/' wopsie dopsie useremail = '[email protected]' just create a dummie account at /register.php userpwd = 'hacker' import urllib, re, sys from urllib2 impo...
phpwind配置不当可导致CSRF发帖
简要描述: phpwind配置不当可导致CSRF发帖 详细说明: crossdomain.xml的默认设置: - 虽然有建议 但是普通站长谁没事改这个啊,还不如你们在安装时直接根据host重写下crossdomain.xml得了。 先取到csrf的token function gethash function getformhashtxt txt = txt.split'csrftoken" value="'1.split'"'0; return txt; var resultlv:LoadVars = new LoadVars; resultlv.onData = functiontx...