Macs CMS 1.1.4 (XSS/CSRF) Vulnerabilities

Exploit for php platform in category web applications ========================================= Macs CMS 1.1.4 XSS/CSRF Vulnerabilities ========================================= Date: Sun 11 Jul 2010 11:53:35 AM EEST Vendor: http://macs-framework.sourceforge.net/ Download:...

Orbis CMS v1.0.2 Multiple CSRF Vulnerabilities

Exploit for php platform in category web applications ============================================== Orbis CMS v1.0.2 Multiple CSRF Vulnerabilities ============================================== Date: Sun 11 Jul 2010 08:08:10 PM EEST Vendor: http://www.novo-ws.com/orbis-cms/ Download:...

Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities

Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities Date: Sun 11 Jul 2010 08:08:10 PM EEST Vendor: http://www.novo-ws.com/orbis-cms/ Download: http://www.ohloh.net/p/orbis-cms/download?filename=orbis-1.0.2.zip --- -= CSRF PoC 1 - Change Admin Password =- Orbis CMS 1.0.2 Multiple...

Macs CMS 1.1.4 - Cross-Site Scripting Cross-Site Request Forgery

Macs CMS 1.1.4 - Cross-Site Scripting Cross-Site Request Forgery Date: Sun 11 Jul 2010 11:53:35 AM EEST Vendor: http://macs-framework.sourceforge.net/ Download: http://sourceforge.net/projects/macs-framework/ --- -= CSRF PoC 1 - Create Admin User =- Macs CMS 1.1.4 Multiple Vulnerabilities XSS/CSR...

Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities

Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities Date: Sun 11 Jul 2010 10:22:48 AM EEST Vendor: http://www.madebyfrog.com/ Download: http://www.madebyfrog.com/public/download/files/frog095.tar.gz --- -= CSRF PoC 1 - Create Admin User =- Frog CMS 0.9.5 Multiple CSRF...

TomatoCMS 2.0.5 Multiple CSRF Vulnerabilities

Exploit for php platform in category web applications ============================================= TomatoCMS 2.0.5 Multiple CSRF Vulnerabilities ============================================= Date: Sun 11 Jul 2010 03:36:08 PM EEST Vendor: http://www.tomatocms.com/ Download: None --- -= CSRF PoC 1...

TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities

TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities Date: Sun 11 Jul 2010 05:01:51 PM EEST Vendor: http://www.tomatocart.com/ Download: http://www.tomatocart.com/component/extensionmanage/?task=downloadfiles&file=tomatocart-1.0.1.zip --- -= CSRF PoC 1 - Create Admin User =-...

Orbis CMS 1.0.2 - Multiple Cross-Site Request Forgery Vulnerabilities

Date: Sun 11 Jul 2010 08:08:10 PM EEST Vendor: http://www.novo-ws.com/orbis-cms/ Download: http://www.ohloh.net/p/orbis-cms/download?filename=orbis-1.0.2.zip --- -= CSRF PoC 1 - Change Admin Password =- Orbis CMS 1.0.2 Multiple CSRF Vulnerabilities - Change Admin Password -= CSRF PoC 2 - Create...

TomatoCart 1.0.1 - Multiple Cross-Site Request Forgery Vulnerabilities

Date: Sun 11 Jul 2010 05:01:51 PM EEST Vendor: http://www.tomatocart.com/ Download: http://www.tomatocart.com/component/extensionmanage/?task=downloadfiles&file=tomatocart-1.0.1.zip --- -= CSRF PoC 1 - Create Admin User =- TomatoCart 1.0.1 Multiple CSRF Vulnerabilities - Create Admin User -= CSRF...

TomatoCMS 2.0.5 - Multiple Cross-Site Request Forgery Vulnerabilities

Date: Sun 11 Jul 2010 03:36:08 PM EEST Vendor: http://www.tomatocms.com/ Download: None --- -= CSRF PoC 1 - Change Administrator Password =- TomatoCMS 2.0.5 Multiple CSRF Vulnerabilities - Change Admin Password -= CSRF PoC 2 - Create Admin User =- TomatoCMS 2.0.5 Multiple CSRF Vulnerabilities -...

Macs CMS 1.1.4 - Cross-Site Scripting / Cross-Site Request Forgery

Date: Sun 11 Jul 2010 11:53:35 AM EEST Vendor: http://macs-framework.sourceforge.net/ Download: http://sourceforge.net/projects/macs-framework/ --- -= CSRF PoC 1 - Create Admin User =- Macs CMS 1.1.4 Multiple Vulnerabilities XSS/CSRF - Create Admin User -= CSRF PoC 2 - Delete User =- -= XSS PoC =...

Frog CMS 0.9.5 - Multiple Cross-Site Request Forgery Vulnerabilities

Date: Sun 11 Jul 2010 10:22:48 AM EEST Vendor: http://www.madebyfrog.com/ Download: http://www.madebyfrog.com/public/download/files/frog095.tar.gz --- -= CSRF PoC 1 - Create Admin User =- Frog CMS 0.9.5 Multiple CSRF Vulnerabilities - Create Admin User -= CSRF PoC 2 - Delete User =- img...

Elite CMS 1.01 - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities

Name: Elite CMS 1.01 Multiple XSS/CSRF Vulnerabilities Author: 10n1z3d Date: Sat 10 Jul 2010 08:05:44 PM EEST Vendor: http://elitecms.net/ Download: http://elitecms.net/download.php?download=eliteCMS -= CSRF PoC 1 - Change Admin Password =- Elite CMS 1.01 Multiple XSS/CSRF Vulnerabilities - Chang...

CVE-2010-2251

The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a Content-Disposition header that suggests a crafted...

Borland Interbase - 'Create-Request' Remote Buffer Overflow (Metasploit)

$Id: borlandinterbase.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Store Locator - Cross-Site Request Forgery (Add Admin)

Store Locator - Cross-Site Request Forgery Add Admin vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs...

Store Locator - Cross-Site Request Forgery (Add Admin)

vendor: www.ghostscripter.com ::::::::::::::explo!t::::::: ::::::: Store Locator Remote Add Admin Exploit User: Pass: :::::::::::::::::::::::::::::::::::::::::: Greetz to : Alnjm33-virus-pal - Predator-bingo2 - xXx-jago-dz -inejcteur-4PY-SaYrOs- XR57 -Tr0y-x Ahmadso -alsaek AnD all Tunisian hacke...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that 1 create accounts or 2 reset passwords, related to the Special:Userlogin form...

CVE-2010-1648

Cross-site request forgery CSRF vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that 1 create accounts or 2 reset passwords, related to the Special:Userlogin form...

CVE-2010-2024

transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possibly gain privileges, via a symlink attack on a lockfile in /tmp/...