39 matches found
EUVD-2017-8315
Malware in sbrugna...
CVE-2024-44734
Incorrect access control in Mirotalk before commit 9de226 allows attackers to arbitrarily change usernames via sending a crafted roomAction request to the server...
CVE-2024-44734
The CVE-2024-44734 vulnerability affects Mirotalk/MiroTalk prior to commit 9de226. The root cause is improper access control in handling roomAction requests, enabling an attacker to arbitrarily change usernames on the server. This is described consistently across multiple sources (NVD, Red Hat se...
Ecwid Ecommerce Shopping Cart < 6.12.5 - Arbitrary Plugin Settings Change via CSRF
Description: The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. http://vulnerable-site.tld/wp-admin/admin-ajax.php?action=ecwidstorefrontsetpageslug&slug=hehehehe Besides, you can disable the...
Improper access control
A broken access control vulnerability in the SubNethandlerfunc function of spxrestservice allows an attacker to arbitrarily change the security access rights to KVM and Virtual Media functionalities. This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0...
Latest Tweets Widget <= 1.1.4 - Arbitrary Settings Update via CSRF
The plugin does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack. PoC...
Genie WP Favicon <= 0.5.2 - Arbitrary Favicon Change via CSRF
The plugin does not have a CSRF check in place when updating the favicon, which could allow attackers to make a logged-in admin change it via a CSRF attack. // 32x32 white png const buf = ...
Image Source Control < 2.3.1 - Contributor+ Arbitrary Post Meta Value Change
The plugin allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts, even those they should not be able to edit. Run while in the Post/Page editor as a contributor: jQuery.post(ajaxurl, { action: "iscsavemeta", nonce: iscData.nonce, id: 781, key: ...
CVE-2021-24473 User Profile Picture < 2.6.0 - Arbitrary User Picture Change/Deletion via IDOR
The User Profile Picture WordPress plugin before 2.6.0 was affected by an IDOR issue, allowing users with the uploadimage capability (by default, Author and above) to change and delete the profile pictures of other users, including those with higher roles...
HM Multiple Roles < 1.3 - Arbitrary Role Change
The plugin does not have any access control to prevent low-privilege users from setting themselves as admin via their profile page. PoC: As any authenticated user, go to your Profile page and tick the Administrator Role checkbox. In v1.2, the checkboxes are disabled in the UI but can be tampered with by...
Malicious owner can arbitrarily change fee to any % value
Handle: 0xRajeev. Vulnerability details. Impact: The Tracer protocol, like any other, allows market creators to charge fees for trades. However, a malicious/greedy owner can arbitrarily change the fee to any % value, and without an event to observe this change or a timelock to react, there is no easy way for...
WordPress: Arbitrary change of blog's background image via CSRF
Description: Despite being deprecated since v3.5.0, the wpsetbackgroundimage method defined in wp-admin/includes/class-custom-background.php, registered as an authenticated AJAX call wpajaxset-background-image, is still active. Given that the method is lacking CSRF checks, an attacker could chang...
bbPress Login Register Links On Forum Topic Pages <= 2.7.5 - CSRF to Stored XSS
Lack of CSRF checks in the plugin's settings allow arbitrary change of the settings, which can also lead to stored XSS issues. PoC The payload below will result in a stored XSS in the 'Style Customize' page...
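The WordPress entries above (Ecwid, Latest Tweets Widget, Genie WP Favicon, WordPress core background image, bbPress Login Register Links) share one root cause: an admin-ajax.php handler that updates state without a nonce check, so any site a logged-in admin visits can fire the request. The Image Source Control, User Profile Picture and HM Multiple Roles entries are the neighbouring failure: the request is authentic but the server never checks that this user may touch this object or role. The following is an added example, not code from any of the listed plugins or from WordPress core; the plugin name "demo", its option and meta keys, and its AJAX action names are hypothetical. It shows the vulnerable handler shape beside the hardened one, with the three checks a practitioner looks for: nonce (CSRF), capability (role), and object-level authorization (IDOR).

```php
<?php
// Added example (hypothetical "demo" plugin); not the code of any plugin listed above.

// --- Vulnerable shape described in the WPScan entries ---
// Any request to admin-ajax.php?action=demo_save_settings_vulnerable coming from a
// logged-in admin's browser is honoured: no nonce (CSRF), no capability check,
// and the raw value is stored, so CSRF becomes stored XSS wherever the option is echoed.
add_action( 'wp_ajax_demo_save_settings_vulnerable', function () {
    update_option( 'demo_title', $_POST['title'] );
    wp_send_json_success();
} );

// --- Hardened handler ---
add_action( 'wp_ajax_demo_save_settings', 'demo_save_settings' );
function demo_save_settings() {
    // 1. CSRF: the request must carry a nonce minted for this action and this user.
    //    check_ajax_referer() dies with HTTP 403 when the nonce is missing or invalid.
    check_ajax_referer( 'demo_save_settings', '_wpnonce' );

    // 2. Authorization: only users allowed to manage options may change plugin settings.
    //    This is the check that UI-only controls (a disabled checkbox, a hidden field) cannot replace.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // 3. Validation: store text, not markup, so a changed setting cannot become stored XSS.
    $title = sanitize_text_field( wp_unslash( $_POST['title'] ?? '' ) );
    update_option( 'demo_title', $title );
    wp_send_json_success();
}

// --- Object-level check (the Image Source Control / User Profile Picture pattern) ---
// A valid nonce and a generic capability are not enough when the request names an object
// (post id, user id) the caller does not own. edit_post is a per-post meta capability,
// so a Contributor passes it only for their own unpublished posts.
add_action( 'wp_ajax_demo_save_meta', 'demo_save_meta' );
function demo_save_meta() {
    check_ajax_referer( 'demo_save_meta', 'nonce' );

    $post_id = absint( $_POST['id'] ?? 0 );
    if ( ! $post_id || ! current_user_can( 'edit_post', $post_id ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }

    // Allow-list the meta keys this plugin owns; never let the client name an arbitrary key.
    $key = sanitize_key( $_POST['key'] ?? '' );
    if ( ! in_array( $key, array( 'demo_source', 'demo_source_url' ), true ) ) {
        wp_send_json_error( 'bad key', 400 );
    }

    update_post_meta( $post_id, $key, sanitize_text_field( wp_unslash( $_POST['value'] ?? '' ) ) );
    wp_send_json_success();
}

// --- Issuing the nonces ---
// The nonce is created server-side while rendering the admin page and handed to the
// plugin's script; a cross-site form never sees it, which is what defeats the CSRF PoCs above.
add_action( 'admin_enqueue_scripts', 'demo_enqueue_admin_script' );
function demo_enqueue_admin_script() {
    wp_enqueue_script( 'demo-admin', plugins_url( 'admin.js', __FILE__ ), array( 'jquery' ), '1.0', true );
    wp_localize_script( 'demo-admin', 'demoData', array(
        'ajaxurl'       => admin_url( 'admin-ajax.php' ),
        'settingsNonce' => wp_create_nonce( 'demo_save_settings' ),
        'metaNonce'     => wp_create_nonce( 'demo_save_meta' ),
    ) );
}
```

For the HM Multiple Roles case the relevant capability is `promote_users`: a profile-save handler must check it server-side before applying any role from the submitted form, because a checkbox disabled in the browser is not a control. Note also that a nonce alone does not fix the IDOR entries; the Image Source Control PoC already includes `iscData.nonce`, and still succeeds because the handler never asks whether the caller may edit post 781.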
Vifi Radio 1 Cross Site Request Forgery
Vifi Radio v1 - CSRF Arbitrary Change Password Exploit. Discovered by: KnocKout. Contact: [email protected]. HomePage: http://h4x0resec.blogspot.com ...
Vifi Radio 1.0 - Cross-Site Request Forgery
Vifi Radio v1 - CSRF Arbitrary Change Password Exploit. Discovered by: KnocKout. Contact: ... HomePage: http://h4x0resec.blogspot.com
Document Library 1.0.1 Arbitrary Change Admin Vulnerability
No description provided by source. C4TEAM.ORG - By ALBAYX. Author: ByALBAYX. Website: WWW.C4TEAM.ORG. Country: Turkish. Script: Document Libra...
DocuWiki version 2009-12-25 suffers from directory traversal listing and modification vulnerabilitie
No description provided by source. Reported: 13-01-2010 Patched: 13-01-2010 Released: 14-01-2010 Vulnerable version : http://www.splitbrain.org/media/projects/dokuwiki/dokuwiki-2009-12-25.tgz Patched version: http://www.splitbrain.org/media/projects/dokuwiki/dokuwiki-2009-12-25b.tgz Author:...
dokuwiki 2009-12-25 - Multiple Vulnerabilities
dokuwiki 2009-12-25 - Multiple Vulnerabilities Reported: 13-01-2010 Patched: 13-01-2010 Released: 14-01-2010 Vulnerable version : http://www.splitbrain.org/media/projects/dokuwiki/dokuwiki-2009-12-25.tgz Patched version: http://www.splitbrain.org/media/projects/dokuwiki/dokuwiki-2009-12-25b.tgz...
dokuwiki 2009-12-25 - Multiple Vulnerabilities
Reported: 13-01-2010 Patched: 13-01-2010 Released: 14-01-2010 Vulnerable version : http://www.splitbrain.org/media/projects/dokuwiki/dokuwiki-2009-12-25.tgz Patched version: http://www.splitbrain.org/media/projects/dokuwiki/dokuwiki-2009-12-25b.tgz Author: whitesheep Contact: [email protected]...
Nwahy Dir 2.1 Arbitrary Change Admin Password Exploit
No description provided by source. Nwahy Dir v2.1 Change Admin Password Exploit. Author: rEcruit. Mail: [email protected]. Download: http://nwahy.com/showdownload-3105.html. Vuln in ./admincp/admininfo.php, code: $u = addslashes($_COOKIE['username']); $query = mysql_query("SELECT * FROM dliladmi...
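The Nwahy Dir snippet shows the admin identity being read from a client-controlled cookie and looked up in the admin table; addslashes() only guards the query, it does nothing about the fact that any visitor can send Cookie: username=<admin name> and be treated as that admin by whatever admininfo.php does next (the entry's title says it changes the admin password). The following is an added example, not Nwahy Dir's code: it reproduces that vulnerable pattern against a hypothetical `admins` table (the real table name is cut off above) and places beside it the server-side session identity the page should use instead, established only after a password check.

```php
<?php
// Added example; not Nwahy Dir's code. Table "admins", column names and function names are assumed.

// --- Vulnerable pattern from the snippet ---
// Identity comes from a cookie the client controls. addslashes() stops SQL injection here,
// but impersonation needs no injection: any request with Cookie: username=admin is "admin".
function legacy_current_admin(mysqli $db): ?array {
    if (empty($_COOKIE['username'])) {
        return null;
    }
    $u   = addslashes($_COOKIE['username']);
    $res = $db->query("SELECT * FROM admins WHERE username='$u'");
    return $res ? ($res->fetch_assoc() ?: null) : null;
}

// --- Hardened replacement ---
// Identity lives in the server-side session and is set only after a password check.
// The browser holds just the session id, which it cannot forge into another account.
function admin_login(mysqli $db, string $user, string $pass): bool {
    $stmt = $db->prepare('SELECT id, password_hash FROM admins WHERE username = ?');
    $stmt->bind_param('s', $user);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    // password_verify() against a stored hash; constant-time, no plaintext comparison.
    if (!$row || !password_verify($pass, $row['password_hash'])) {
        return false;
    }
    session_regenerate_id(true);             // new id at privilege change, defeats fixation
    $_SESSION['admin_id'] = (int) $row['id'];
    return true;
}

function current_admin_id(): ?int {
    return isset($_SESSION['admin_id']) ? (int) $_SESSION['admin_id'] : null;
}

// Gate for admincp pages: deny unless the session says the caller is an admin.
function require_admin(): int {
    $id = current_admin_id();
    if ($id === null) {
        http_response_code(403);
        exit('forbidden');
    }
    return $id;
}

// A password-change page built on this identity must also re-verify the current password
// and carry an anti-CSRF token; the session alone says who is asking, not that the user intended it.
function change_admin_password(mysqli $db, int $admin_id, string $current, string $new, string $token): bool {
    if (!hash_equals($_SESSION['csrf_token'] ?? '', $token)) {
        return false;
    }
    $stmt = $db->prepare('SELECT password_hash FROM admins WHERE id = ?');
    $stmt->bind_param('i', $admin_id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    if (!$row || !password_verify($current, $row['password_hash'])) {
        return false;
    }
    $hash = password_hash($new, PASSWORD_DEFAULT);
    $upd  = $db->prepare('UPDATE admins SET password_hash = ? WHERE id = ?');
    $upd->bind_param('si', $hash, $admin_id);
    return $upd->execute();
}
```

The session cookie should additionally be issued with HttpOnly, Secure and SameSite attributes via session_set_cookie_params() before session_start(); that limits theft and cross-site replay of the one cookie that still matters.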