4 matches found
CVE-2012-6493
Cross-site request forgery CSRF vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete...
Nexpose Security Console - Cross-Site Request Forgery
Nexpose Security Console - Cross-Site Request Forgery Product: Nexpose Security Console Vendor: Rapid7 Version: //document.forms0.submit; //uncomment to auto-submit /code 2. Lure victim to http://attackersite.com/nexpose-csrf.htm. 3. Site with ID 1 is deleted when form is submitted. V...
Nexpose Security Console - Cross-Site Request Forgery
Product: Nexpose Security Console Vendor: Rapid7 Version: //document.forms0.submit; //uncomment to auto-submit /code 2. Lure victim to http://attackersite.com/nexpose-csrf.htm. 3. Site with ID 1 is deleted when form is submitted. Vendor Notif...
Nexpose Security Console CSRF Vulnerability
Exploit for multiple platform in category web applications Product: Nexpose Security Console Vendor: Rapid7 Version: //document.forms0.submit; //uncomment to auto-submit /code 2. Lure victim to http://attackersite.com/nexpose-csrf.htm. 3. Site with ID 1...