20 matches found
EUVD-2012-5765
Malware in sbrugna...
CVE-2012-5891
Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pass.php in DAlbum 1.44 build 174 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an add action, (2) change user passwords via a change action, or (3) delete a user v...
dalbum 1.43 - Multiple Vulnerabilities
No description provided by source. =============================== Vulnerability ID: HTB22941 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05...
dalbum 144 build 174 and earlier CSRF Vulnerabilities
No description provided by source. dalbum 144 build 174 and earlier CSRF Vulnerabilities =================================================================================== Exploit Title:dalbum 144174 and earlier CSRF Vulnerabilities Vendor: http://www.dalbum.org/ Download link...
CVE-2012-5891
Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pass.php in DAlbum 1.44 build 174 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an add action, (2) change user passwords via a change action, or (3) delete a user v...
CVE-2012-5891
Multiple cross-site request forgery (CSRF) vulnerabilities in photo/pass.php in DAlbum 1.44 build 174 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add a user via an add action, (2) change user passwords via a change action, or (3) delete a user v...
CVE-2012-5891
DAlbum 1.44 build 174 and earlier is affected by multiple CSRF vulnerabilities in photo/pass.php that allow remote attackers to hijack administrator authentication for actions (1) add a user, (2) change user passwords, or (3) delete a user. The vulnerability is in CSRF protection for these admin ...
Dalbum 144 Build 174 Cross Site Request Forgery
dalbum 144 build 174 and earlier CSRF Vulnerabilities =================================================================================== Exploit Title:dalbum 144174 and earlier CSRF Vulnerabilities Vendor: http://www.dalbum.org/ Download link :http://www.dalbum.org/index.php?go=Downloads Author:...
dalbum 144 build 174 and earlier CSRF Vulnerabilities
Exploit for php platform in category web applications...
dalbum 144 build 174 - Cross-Site Request Forgery
dalbum 144 build 174 - Cross-Site Request Forgery dalbum 144 build 174 and earlier CSRF Vulnerabilities =================================================================================== Exploit Title:dalbum 144174 and earlier CSRF Vulnerabilities Vendor: http://www.dalbum.org/ Download link...
Dalbum 1.43 Multiple Vulnerabilities
Exploit for php platform in category web applications Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05 April 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level: Low Credit: High-Tech Bridge SA Security Research...
HTB22943: XSS in Dalbum
Vulnerability ID: HTB22943 Reference: http://www.htbridge.ch/advisory/xssindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05 April 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tec...
dalbum 1.43 - Multiple Vulnerabilities
dalbum 1.43 - Multiple Vulnerabilities =============================== Vulnerability ID: HTB22941 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification:...
dalbum 1.43 - Multiple Vulnerabilities
=============================== Vulnerability ID: HTB22941 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05 April 2011 Vulnerability Type: CSRF...
Dalbum 1.43 - 'editini.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/47427/info Dalbum is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of...
HTB22942: Path disclousure in Dalbum
Vulnerability ID: HTB22942 Reference: http://www.htbridge.ch/advisory/pathdisclousureindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05 April 2011 Vulnerability Type: Path disclosure Risk level: Low Credit: High-Tec...
Dalbum 1.43 - editini.php Cross-Site Scripting
Dalbum 1.43 - editini.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47427/info Dalbum is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
HTB22941: CSRF (Cross-Site Request Forgery) in Dalbum
Vulnerability ID: HTB22941 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05 April 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk...
Dalbum 1.43 XSRF / XSS / Path Disclosure
=============================== Vulnerability ID: HTB22941 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindalbum.html Product: Dalbum Vendor: http://www.dalbum.org/ http://www.dalbum.org/ Vulnerable Version: 1.43 Vendor Notification: 05 April 2011 Vulnerability Type: CSRF...
Multiple Vulnerabilities in Dalbum
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in Dalbum which could be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-site scripting XSS vulnerability in Dalbum The vulnerability exists due to input sanitation error in...