4 matches found
SimpleRisk 20130915-01 - Multiple Vulnerabilities
No description provided by source. 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-...
CVE-2013-5748
CVE-2013-5748 refers to a CSRF vulnerability in SimpleRisk’s management/prioritize_planning.php prior to version 20130916-001, which allows remote attackers to hijack user sessions for actions such as adding projects via add_project. The underlying issue is a Cross-Site Request Forgery that enabl...
SimpleRisk 20130915-01 - Multiple Vulnerabilities
Exploit for php platform in category web applications 1. Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting...
SimpleRisk 20130915-01 - Multiple Vulnerabilities
Advisory Information Title: SimpleRisk v.20130915-01 CSRF-XSS Account Compromise Advisory ID: RS-2013-0001 Date Published: 2013-09-30 2. Vulnerability Information Type: Cross-Site Request Forgery CSRF CWE-352, OWASP-A8, Cross-Site Scripting XSS CWE-79, OWASP-A3 Impact: Full Account Compromise...