Sagem F@ST 2604 Cross Site Request Forgery
Exploit Title: Sagem F@ST 2604 CSRF Vulnerability ADSL Router Author: KinG...
SyndeoCMS 3.0 - Cross-Site Request Forgery
Exploit Title : SyndeoCMS I'm adding ADMIN account input type="hidden" name="access3...
CVE-2011-0217
Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields...
Design/Logic Flaw
Apple Safari before 5.0.6 provides AutoFill information to scripts that execute before HTML form submission, which allows remote attackers to obtain Address Book information via a crafted form, as demonstrated by a form that includes non-visible fields...
Front Accounting 2.3.4 Cross Site Request Forgery
--Description-- A cross-site request forgery vulnerability in Front Accounting 2.3.4 can be exploited to create a new admin. --PoC--...
CVE-2011-0682
Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML form with a select element that contains a large number of children...
Integer overflow
Integer truncation error in opera.dll in Opera before 11.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML form with a select element that contains a large number of children...
Web@All 1.1 Remote Admin Settings Change Exploit
Web@all Date: 27/12/2010 Site: http://www.giudinvx.altervista.org/ Application Info: web@all 1.1 web@all is a CMS which is not similar to general CMS, you can build it easily by yourself...
ZenPhoto - Config Update Command Execution
ZenPhoto - Config Update Command Execution. Zen Photo Image Gallery 1.3 Reset admin Password By : Abysssec @ Inc www.Abysssec.com After click on below , if target will can co...
XMB 1.9.11 Cross Site Request Forgery
...
Kleeja Upload - Cross-Site Request Forgery (Change Admin Password)
Exploit Title: Kleeja Upload - CSRF Change Admin Password Date: 11-08-2010 Author: KOLTN & [email protected] Software Link: http://www.kleeja.com Software Download: http://www.kleeja.com/download/ Type : CSRF Version: all Version Greetz to : Juba & Mushii Exploit Change Admin Password...
chillyCMS 1.1.3 Cross Site Request Forgery
input type="hidden...
Software Index remote file upload vulnerability
The upload file filter is not strict, resulting in a remote file upload vulnerability that allows executable code to be uploaded. Bulk Google Dork : Copyright 2 0 1 0. Software Index Exp: the html head TitleSelect Image File for uploading/Title script language="JavaScript" function checkFile if form1. userfile. value == ""...
Store Locator - Cross-Site Request Forgery (Add Admin)
Store Locator - Cross-Site Request Forgery Add Admin vendor: www.ghostscripter.com Store Locator Remote Add Admin Exploit User: Pass: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs...
TR Forum 1.5 - Cross-Site Request Forgery (Add Admin)
Title : TR Forum 1.5 insert admin CSRF Vulnerability | Author : EL-KAHINA | email : No-Mail | Home : www.iqs3cur1ty.com/vb | Tested on: windows SP2 Français V.Pnx2 2.0 + Lunix Français v.9.4 Ubuntu | Bug :...
60 cycleCMS 2.5.2 - Cross-Site Request Forgery (Change Username and Password)
Title : 60 cycleCMS V 2.5.2 CSRF Change Username & Password Exploit | Author : EL-KAHINA | Home : www.iqs3cur1ty.com/vb | Web Site...
Wolf CMS 0.6.0a Cross Site Request Forgery
Exploit Title: Wolf CMS Change Admin Password CSRF Date: 2010-04-03 Author: Stefan M. Software Link: http://www.wolfcms.org/ Version: 0.6.0a Email: [email protected] GreeTz to: d14la.k.a Teo & baltazar --- START OF HTML CODE --- Bengali Chinese Croat...
JVN#41842181 PrettyFormMail vulnerable to cross-site scripting
PrettyFormMail from PrettyBook is a software that sends emails with contents that are input into a HTML form. PrettyFormMail contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use PrettyFormMail As patches will not ...
Upload vulnerabilities hidden to text breakthrough hand-vulnerability warning-the black bar safety net
Article author:udb311 This article is by a upload the page break upload, saying at the time the group where talking about. Issued XXX website upload address, research over research in the past. Didn't find the breakthrough, the local modify the upload submission is still not a breakthrough. Just ...