27 matches found
Authentication flaw
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could allow an attacker to manipulate the admin after numerous attempts at guessing credentials. Affected Product: spaceLYnk V2.6.2 and prior, Wiser for KNX formerly homeLYnk V2.6.2 and prior, fellerLYn...
PT-2021-15921 · WordPress · Vikrentcar Car Rental Management System
Name of the Vulnerable Software and Affected Versions: VikRentCar Car Rental Management System WordPress plugin versions prior to 1.1.7 Description: The issue is related to a stored Cross-Site Scripting problem. It arises because the field name in the custom field option is not properly sanitised...
Official MailerLite Sign Up Forms < 1.4.5 - Multiple CSRF Issues
Despite fixing the SQL injection, the plugin was still affected by CSRF issues, which could allow an attacker to make a logged in administrator edit, add, and delete arbitrary signup form views...
ownCloud Multiple Vulnerabilities (May 2017)
ownCloud is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:owncloud:owncloud"; if description...
Server: Normal user can somehow make admin to delete shared folders
A Attacker is logged in as a normal user and can somehow make admin to delete shared folders For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...
RV Article Publisher - Cross-Site Request Forgery
Exploit Title: RV Article publisher CSRF Vulnerability Date: 26/08/2012 Author: DaOne @LibyanCA Vendor: http://www.scripts4webmasters.com Greetings to LCA CSRF Add Admin...
Simple PHP Agenda 2.2.8 - Cross-Site Request Forgery (Add Admin / Add Event)
+--------------------------------------------------------------------------------------------------------------------------------+ Exploit Title : Simple PHP Agenda = 2.2.8 CSRF Add Admin - Add Event Date : 29-03-2012 Author : Ivano Binetti http://ivanobinetti.com Software link :...