5 matches found
CVE-2017-9414
Cross-site request forgery CSRF vulnerability in the Subscribe to Podcast feature in Subsonic 6.1.1 allows remote attackers to hijack the authentication of unspecified victims for requests that conduct cross-site scripting XSS attacks or possibly have unspecified other impact via the name paramet...
Subsonic 6.1.1 - Cross-Site Request Forgery / Cross-Site Scripting Vulnerabilities
Exploit for windows platform in category web applications + Credits: John Page a.k.a hyp3rlinx Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media streaming server. You install it on your own computer where you keep your music or video collection...
Subsonic 6.1.1 - Cross-Site Request Forgery Cross-Site Scripting
Subsonic 6.1.1 - Cross-Site Request Forgery Cross-Site Scripting + Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SUBSONIC-CSRF-PERSISTENT-XSS.txt + ISR: ApparitionSec Vendor: ================ www.subsonic.org Product:...
CVE-2017-9414
creationtimestamp| type| source ---|---|--- 2017-06-05 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42120...
Subsonic 6.1.1 Persistent XSS
Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SUBSONIC-CSRF-PERSISTENT-XSS.txt + ISR: ApparitionSec Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media streaming...