888 matches found
CVE-2012-2564
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Bloxx Web Filtering before 5.0.14 allow remote attackers to hijack the authentication of administrators for requests that perform administrative actions...
VAMCart-InternetShop 0.9 Cross Site Request Forgery / Shell Upload
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/updateuser in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site's configuration...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an admin.newuser action to index.php...
CVE-2011-5078
The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD 3 and 7.0 before ESD 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP...
CVE-2011-5011
CVE-2011-5011 affects xt:Commerce 3.0.4 SP2.1 and earlier. The issue is CSRF that lets remote attackers hijack Admin sessions by manipulating the cID parameter in two admin endpoints: statusconfirm in admin/customers.php (set a new user to Admin) and save in admin/accounting.php (grant permission...
Easy Hosting Control Panel - Admin Authentication Bypass
Exploit Title: Easy Hosting Control Panel Admin Auth Bypass; Google Dork: inurl:/ehcp/?op=applyfordomainaccount; Date: 10/04/2011; Author: Jasman; Software Link: https://launchpad.net/ehcp & http://www.ehcp.net; Version: 0.29.10 - 0.29.13; Tested...
DEBIAN-CVE-2011-2522
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers...
Entrack Internet admin Auth Bypass
Exploit for asp platform in category web applications. Exploit Title: Entrack: Internet Admin Auth Bypass; Date: 17/6/2011; Author: Angel Injection & Noor Al-Iraqia; Home Page: http://www.club-h.co.cc; Email: Angel-Injectionathotmail.com; Vendor or Software Link: n/a; Version: n/a; Category: webapps; Googl...
AR Infotech Admin Auth ByPass
Exploit for php platform in category web applications. Exploit Title: AR Infotech Admin Auth ByPass; Date: 07 June 2011; Author:...
SmartySolution Admin Auth ByPass
Exploit for php platform in category web applications. Exploit Title: SmartySolution Admin Auth ByPass; Date: 05 June 2011; Author: xConsoLe // Thanks to mohsan123; Category: WebApps; d0rk: "by...
CORE-2010-1118: Oracle GlassFish Server Administration Console Authentication Bypass
Core Security Technologies - Corelabs Advisory, http://corelabs.coresecurity.com/. Oracle GlassFish Server Administration Console Authentication Bypass. 1. Advisory Information. Title: Oracle GlassFish Server Administration Console Authentication Bypass...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware 2.x; and AS-100 routers allow remote attackers to hijack the authentication of administrators for...
CVE-2011-1721
Cross-site request forgery (CSRF) vulnerability in php/partieadministrateur/administration.php in WebJaxe 1.02 allows remote attackers to hijack the authentication of administrators for requests that (1) modify passwords or (2) add new projects. NOTE: some of these details are obtained from third party...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit accesspermissions action to index.php...
CVE-2011-0642
Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication of administrators for requests that create new users via the options action. NOTE: some of these details are obtained from third party information...
CVE-2011-0642
N-13 News CSRF vulnerability (CVE-2011-0642) affects news/admin.php in N-13 News versions 3.4, 3.7, and 4.0. The issue allows an attacker to hijack administrator sessions by forging requests that create new users via the options action. Documented impact is loss of integrity/privilege control for...
CVE-2010-3884
Cross-site request forgery (CSRF) vulnerability in CMS Made Simple 1.8.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that reset the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in CMS Made Simple 1.8.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that reset the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from...
ASPMass Shopping Cart - Arbitrary File Upload / Cross-Site Request Forgery
http://www.exploit-db.com/moaub-30-aspmass-shopping-cart-vulnerability-file-upload-csrf/ Abysssec Inc Public Advisory. Title: ASPMass Shopping Cart Vulnerability File...