Exploit for Cross-Site Request Forgery (CSRF) in Oneidentity Cloud_Access_Manager

CVE-2019-13497 Exploit Title: Cross Site Request Forgery CSR...

V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery

Exploit Title: V-SOL GPON/EPON OLT Platform 2.03 - Cross-Site Request Forgery Author: LiquidWorm Discovery Date: 2019-09-26 Vendor: Guangzhou V-SOLUTION Electronic Technology Co., Ltd. Product web page: https://www.vsolcn.com Tested on: GoAhead-Webs Advisory ID: ZSL-2019-5536 Advisory URL:...

CVE-2019-5590

The URL part of the report message is not encoded in Fortinet FortiWeb 6.0.2 and below which may allow an attacker to execute unauthorized code or commands Cross Site Scripting via attack reports generated in HTML form...

Cross site scripting

The URL part of the report message is not encoded in Fortinet FortiWeb 6.0.2 and below which may allow an attacker to execute unauthorized code or commands Cross Site Scripting via attack reports generated in HTML form...

CVE-2019-6968

The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected...

Design/Logic Flaw

The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected...

CVE-2019-6968

The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS because HTML form parameters are directly reflected...

CVE-2019-6968

CVE-2019-6968 affects the D-Link DVA-5592 (firmware 20180823); the web interface is vulnerable to XSS via directly reflected HTML form parameters. Red Hat entries concur the same D-Link XSS issue. The connected documents do not provide exploit details or remediation; no fix/version is specified i...

OpenMRS openmrs-module-htmlformentry input validation error vulnerability

OpenMRS is a U.S. OpenMRS company's set of open source electronic medical record system . openmrs-module-htmlformentry is one of the HTML form input module . An input validation error vulnerability exists in OpenMRS openmrs-module-htmlformentry version 3.3.2. The vulnerability stems from a networ...

Lenovo R2105 - Cross-Site Request Forgery (Command Execution)

Exploit Title: Lenovo R2105 Remote Code Execution through CSRF Date: 01/14/2019 Exploit Author: Nathu Nandwani Website: http://nandtech.co/ Version: 1.0 Tested on: Windows 10 x64 Note: The administrator who opens the URL should be authenticated. import socket serverip = "0.0.0.0" serverport = 80...

PHP-SHOP Master 1.0 Cross Site Request Forgery

Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link: https://github.com/joeyrush/PHP-SHOP/archive/master.zip Version: 1.0 Tested on: Windows 10 CVE: N/A...

PHP-SHOP master 1.0 - Cross-Site Request Forgery (Add Admin)

PHP-SHOP master 1.0 - Cross-Site Request Forgery Add Admin Exploit Title: PHP-SHOP master 1.0 - Cross-Site Request Forgery Add admin Exploit Author : Alireza Norkazemi Date: 2018-10-15 Vendor Homepage : https://github.com/joeyrush/PHP-SHOP Software link:...

Xxe

An XML External Entity XXE vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0...

CVE-2018-16521

An XML External Entity XXE vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0...

CVE-2018-16521

An XML External Entity XXE vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0...

Twitter-Clone 1 - Cross-Site Request Forgery (Delete Post)

Exploit Title: Twitter-Clone 1 - Cross-Site Request Forgery Delete Post Date: 2018-08-21 Exploit Author: L0RD Vendor Homepage: https://github.com/Fyffe/PHP-Twitter-Clone/ Version: 1 CVE: N/A Tested on: Win 10 Description : An issue was discovered in Twitter-Clone 1 which allows a remote attacker ...

ILIAS 5.3.2 / 5.2.14 / 5.1.25 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ILIAS 5.3.2 / 5.2.14 / 5.1.25 Cross Site Scripting Vulnerability Product: ILIAS Affected Versions: 5.3.2, 5.2.14, 5.1.25 Tested Versions: 5.3.2, 5.2.12 Vulnerability Type: Reflected Cross-Site-Scripting Risk Level: MEDIUM Solution Status: Fixe...

KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery Vulnerability

Exploit for jsp platform in category web applications Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570...

Gnew 2018.1 Cross Site Request Forgery

Exploit Title: Gnew 2018.1 - Cross-Site Request Forgery Date: 26/01/2018 Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT Vendor website : http://gnew.xyz/ Software download : http://www.gnew.xyz/pages/download.php Version: 2018.1 Tested on: Windows 10 Home x64 / Kali Linux Product description :...

KeystoneJS 4.0.0-beta.7 - Cross-Site Request Forgery

KeystoneJS 4.0.0-beta.7 - Cross-Site Request Forgery Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570 Lin...