Store Locator - Cross-Site Request Forgery (Add Admin)

Store Locator - Cross-Site Request Forgery Add Admin vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs...

Store Locator - Cross-Site Request Forgery (Add Admin)

vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs- XR57 -Tr0y-x Ahmadso -alsaek AnD all Tunisian hacke...

CVE-2010-1648

Cross-site request forgery CSRF vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that 1 create accounts or 2 reset passwords, related to the Special:Userlogin form...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that 1 create accounts or 2 reset passwords, related to the Special:Userlogin form...

CVE-2010-2024

transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/...

SugarCRM Community Edition 5.5.2 Cross Site Request Forgery

!--========================================================================================================= //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...

CVE-2010-2022

jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations...

CVE-2010-2039

Cross-site request forgery CSRF vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative users via an AdminUsers action to index.php. NOTE: some of these details are obtained from third...

vtiger CRM 5.2.0 Cross Site Request Forgery

!--========================================================================================================= //\ /\ /\ /\ /\ /\ ///\ //\ /\ /\///\ // \ // //\ \ / //\ \ / // //\ \ /\\ \ \ \ / / / / // \ \ // // // // \ // //\ \\ \ // /// \ \ / \ / // / // / / / / / \ \ / / / ...

PostgreSQL: PL/Tcl Intended restriction bypass

The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltclmodules table regardless of the table's ownership and permissions, which allows remo...

PostgreSQL: PL/Perl Intended restriction bypass

PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 does not properly restrict PL/perl procedures, which allows remote authenticated users, with database-creation privileges, to execute arbitrar...

Authentication flaw

EZ-Blog Beta 1 does not require authentication, which allows remote attackers to create or delete arbitrary posts via requests to PHP scripts...

eclime v1.1 ByPass / Create and Download Backup Vulnerability

Exploit for php platform in category web applications ============================================================= eclime v1.1 ByPass / Create and Download Backup Vulnerability =============================================================...

Design/Logic Flaw

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege...

CVE-2010-0860

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege...

Prediction League 0.3.8 Cross Site Request Forgery

======================================================================================== | Title : Prediction League 0.3.8 CSRF Create Admin User Exploit | Author : indoushka | Home : www.iqs3cur1ty.com/vb | Tested on: Lunix Français v.9.4 Ubuntu | Bug : CSRF Create Admin User Exploit...

Prediction League 0.3.8 CSRF Create Admin User Exploit

Exploit for php platform in category web applications ====================================================== Prediction League 0.3.8 CSRF Create Admin User Exploit ======================================================...

Prediction League 0.3.8 - Cross-Site Request Forgery (Add Admin)

Prediction League 0.3.8 - Cross-Site Request Forgery Add Admin ======================================================================================== | Title : Prediction League 0.3.8 CSRF Create Admin User Exploit | Author : indoushka | Home : www.iqs3cur1ty.com/vb | Tested on: Lunix Français...

Prediction League 0.3.8 - Cross-Site Request Forgery (Add Admin)

======================================================================================== | Title : Prediction League 0.3.8 CSRF Create Admin User Exploit | Author : indoushka | Home : www.iqs3cur1ty.com/vb | Tested on: Lunix Français v.9.4 Ubuntu | Bug : CSRF Create Admin User Exploit...

Advanced Management For Services Sites - Bypass Create And Download SQL Backup

Advanced Management For Services Sites - Bypass Create And Download SQL Backup ======================================================================================== | Title : Advneced Management For Services Sites =by pass Creat And Download Buckup Sql Vulnerability | Author : indoushka | emai...