7 matches found
CVE-2019-10847
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery...
Computrols CBAS-Web 19.0.0 Cross Site Request Forgery
Computrols CBAS-Web 19.0.0 CSRF Add Super Admin CVE: CVE-2019-10847 Advisory: https://applied-risk.com/resources/ar-2019-009 Paper: https://applied-risk.com/resources/i-own-your-building-management-system Discovered by Gjoko 'LiquidWorm' Krstic history.pushState'', 't00t', 'index.php'...
CBAS-Web 19.0.0 - Cross-Site Request Forgery (Add Super Admin) Vulnerability
Exploit for hardware platform in category web applications Exploit Title: CBAS-Web 19.0.0 - Cross-Site Request Forgery Add Super Admin Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
CBAS-Web 19.0.0 - Cross-Site Request Forgery (Add Super Admin)
Exploit Title: CBAS-Web 19.0.0 - Cross-Site Request Forgery Add Super Admin Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link: https://www.computrols.com/building-automation-software/ Version: 19.0.0 Tested...
CBAS-Web 19.0.0 - Cross-Site Request Forgery (Add Super Admin)
CBAS-Web 19.0.0 - Cross-Site Request Forgery Add Super Admin Exploit Title: CBAS-Web 19.0.0 - Cross-Site Request Forgery Add Super Admin Google Dork: NA Date: 2019-11-11 Exploit Author: LiquidWorm Vendor Homepage: https://www.computrols.com/capabilities-cbas-web/ Software Link:...
CVE-2019-10847
Computrols CBAS 18.0.0 allows Cross-Site Request Forgery...
CVE-2019-10847
CVE-2019-10847 affects Computrols CBAS Web (CSRF). Documents show a CSRF vulnerability in CBAS Web, notably in version 18.0.0 (and affected earlier versions) that can allow unauthorized actions such as adding a Super Admin via forged requests. Public advisories indicate remote exploitation is pos...