WordPress Plugin TweetScribe Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform developed using the PHP language that allows users to set up their own weblogs on servers that support PHP and MySQL databases. The TweetScribe plugin is a plugin that allows you to subscribe to WordPress blogs using your Twitter account through the tweetscribe.me...
WordPress plugin Lightbox Photo Gallery suffers from multiple cross-site request forgery vulnerabilities
WordPress is a blogging platform developed in PHP that lets users set up their own weblogs on servers that support PHP and MySQL databases. The Lightbox Photo Gallery plugin provides automatic generation of thumbnails, watermarks, slideshow viewing of pictures and other feature...
Multiple Cross-Site Request Forgery Vulnerabilities in Viralheat Argyle Social
Viralheat Argyle Social is a suite of enterprise social media platforms from Viralheat USA. Argyle Social suffers from multiple cross-site request forgery vulnerabilities that allow remote attackers to hijack administrator authentication requests...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the Our Team Showcase (our-team-enhanced) plugin before 1.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or (2) conduct cross-site...
Multiple Cross-Site Request Forgery Vulnerabilities in Kandidat CMS
Multiple cross-site request forgery vulnerabilities exist in Kandidat CMS version 1.4.2 that allow remote attackers to hijack the authentication of administrator requests...
SyndeoCMS Cross-Site Request Forgery Vulnerability
SyndeoCMS is a content management system for elementary schools. A cross-site request forgery vulnerability exists in SyndeoCMS 3.0 and prior versions that allows remote attackers to hijack the authentication of an administrator's request to add a user account, saveuser...
CVE-2011-5318
Multiple cross-site request forgery (CSRF) vulnerabilities in diafan.CMS before 5.1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify articles via a savepost action to admin/news/saveNEWSID/, (2) modify settings via a savepost action to admin/site/save2/...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi...
CVE-2014-9431
Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simplelife plugin 1.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simplehoverback, (2) simplehovertext, (3)...
Multiple Cross-Site Request Forgery Vulnerabilities in Revive Adserver
Revive Adserver is an open source ad server. Versions of Revive Adserver prior to 3.0.5 have multiple cross-site request forgery vulnerabilities that allow remote attackers to hijack the authentication of administrator requests...
CVE-2014-5217
Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x before 4.1 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via an fw.SetPassword...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the SPNbabble plugin 1.4.1 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) username or (2) password parameter in the...
CVE-2014-9407
Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) delete data via a request to agency-delete.php, (2) tracker-delete.php, or (3) userlog-delete.php in admin/ or (4) unlink...
CVE-2014-9344
Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/...
CVE-2014-9101
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall 1.7.0 build 7907 and 7906 and SkaDate Lite 2.0 build 7651 allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks or possibly have other unspecified impact v...
CVE-2014-9019
Multiple cross-site request forgery (CSRF) vulnerabilities in ZTE ZXDSL 831CII allow remote attackers to hijack the authentication of administrators for requests that (1) change the admin user name or (2) conduct cross-site scripting (XSS) attacks via the sysUserName parameter in a save action to...
CVE-2014-9027
CVE-2014-9027 describes multiple cross-site request forgery (CSRF) vulnerabilities in the ZTE ZXDSL 831CII. The issue allows remote attackers to hijack the administrator’s session to trigger requests that disable modem LAN ports via parameters to accesslocal.cmd (enblftp, enblhttp, enblsnmp, enbl...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in Php Scriptlerim Who's Who script allow remote attackers to hijack the authentication of administrators for requests that (1) add an admin account via a request to filepath/yonetim/plugin/adminsave.php or have unspecified impact via a reques...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in EGroupware Enterprise Line (EPL) before 1.1.20140505, EGroupware Community Edition before 1.8.007.20140506, and EGroupware before 14.1 beta allow remote attackers to hijack the authentication of administrators for requests that (1) create an...