9 matches found
CVE-2017-18366
Subrion CMS 4.1.5 has CSRF in blog/delete/...
EUVD-2011-0465
Malware in sbrugna...
Subrion CMS vulnerable to CSRF in blog/delete
Subrion CMS is vulnerable to cross-site request forgery in blog/delete/. This has been patched in version 4.2.1...
EC-CUBE plugin "Easy Blog for EC-CUBE4" vulnerable to cross-site request forgery
Overview EC-CUBE plugin "Easy Blog for EC-CUBE4" provided by COREMOBILE Co. Ltd. contains a cross-site request forgery vulnerability CWE-352. Furukawa Natsumi of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Cross site request forgery (csrf)
Subrion CMS 4.1.5 has CSRF in blog/delete/...
Debian DSA-2206-1 : mahara - several vulnerabilities
Two security vulnerabilities have been discovered in Mahara, a fully featured electronic portfolio, weblog, resume builder and social networking system : - CVE-2011-0439 A security review commissioned by a Mahara user discovered that Mahara processes unsanitized input which can lead to cross-site...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that delete blogs...
GeoBlog MOD_1.0 - 'deleteblog.php?id' Arbitrary Blog Deletion
source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit these issues to delete blogs and comments regardless of the...
GeoBlog MOD_1.0 - deleteblog.php?id Arbitrary Blog Deletion
GeoBlog MOD1.0 - deleteblog.php?id Arbitrary Blog Deletion source: https://www.securityfocus.com/bid/24966/info geoBlog is prone to multiple security-bypass vulnerabilities because the application fails to properly validate users when deleting user blogs and comments. An attacker may exploit thes...