15 matches found
EUVD-2011-5215
Malware in sbrugna...
CVE-2011-5316
Cross-site request forgery CSRF vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action...
cambio-carsharing.de Cross Site Scripting vulnerability OBB-3197105
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
cambio.60.ylos.com Cross Site Scripting vulnerability OBB-2856303
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2011-5316
Cross-site request forgery CSRF vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action...
CVE-2011-5316
Cross-site request forgery CSRF vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action...
CVE-2011-5316
The CVE-2011-5316 entry concerns a CSRF flaw in the Cambio 0.5a nightly r37 release, specifically affecting the admin/index.php handler. The underlying issue allows an attacker to hijack an administrator’s session and perform credential-changing actions via a seemingly legitimate user-initiated r...
Cambio 0.5a CSRF Vulnerabiliity
No description provided by source. Vulnerability ID: HTB22768 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincambio.html Product: Cambio Vendor: Joram van den Boezem http://www.cambiocms.org/ Vulnerable Version: 0.5a nightly r37 and probably prior versions Vendor Notification: 28 December...
Cambio 0.5a CSRF Vulnerabiliity
Exploit for php platform in category web applications...
XSRF (CSRF) in Cambio
Vulnerability ID: HTB22768 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincambio.html Product: Cambio Vendor: Joram van den Boezem http://www.cambiocms.org/ Vulnerable Version: 0.5a nightly r37 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF...
Cambio 0.5a - Cross-Site Request Forgery
Vulnerability ID: HTB22768 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincambio.html Product: Cambio Vendor: Joram van den Boezem http://www.cambiocms.org/ Vulnerable Version: 0.5a nightly r37 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF...
Cambio 0.5a - Cross-Site Request Forgery
Cambio 0.5a - Cross-Site Request Forgery Vulnerability ID: HTB22768 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincambio.html Product: Cambio Vendor: Joram van den Boezem http://www.cambiocms.org/ Vulnerable Version: 0.5a nightly r37 and probably prior versions Vendor Notification: 28...
Cambio 0.5a Cross Site Request Forgery
Vulnerability ID: HTB22768 Reference: http://www.htbridge.ch/advisory/xsrfcsrfincambio.html Product: Cambio Vendor: Joram van den Boezem http://www.cambiocms.org/ Vulnerable Version: 0.5a nightly r37 and probably prior versions Vendor Notification: 28 December 2010 Vulnerability Type: CSRF...
Cross-site Request Forgery (CSRF) in Cambio
High-Tech Bridge SA Security Research Lab has discovered vulnerability in Cambio which could be exploited to perform cross-site request forgery attacks. 1 Cross-site request forgery CSRF in Cambio The vulnerability exists due to insufficient validation of the request origin in...