5 matches found
CVE-2017-9415
CVE-2017-9415 : Subsonic 6.1.1 is affected by a CSRF vulnerability that allows an attacker who knows or guesses a target username to hijack a user’s session and change passwords via requests to the relevant endpoint (userSettings.view). The connected documents confirm the vulnerability type, affe...
CVE-2017-9415
Cross-site request forgery CSRF vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view...
Subsonic 6.1.1 - Cross-Site Request Forgery Vulnerability
Exploit for windows platform in category web applications + Credits: John Page a.k.a hyp3rlinx Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media streaming server. You install it on your own computer where you keep your music or video collection...
Subsonic 6.1.1 - Cross-Site Request Forgery
Subsonic 6.1.1 - Cross-Site Request Forgery + Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SUBSONIC-PASSWORD-RESET-CSRF.txt + ISR: ApparitionSec Vendor: ================ www.subsonic.org Product: =============== subson...
Subsonic 6.1.1 Password Reset Cross Site Request Forgery
Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SUBSONIC-PASSWORD-RESET-CSRF.txt + ISR: ApparitionSec Vendor: ================ www.subsonic.org Product: =============== subsonic v6.1.1 Subsonic is a media streaming...