10 matches found
EUVD-2012-1013
Malware in sbrugna...
CSRF (Cross-Site Request Forgery) in DClassifieds
Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...
CVE-2012-0990
Cross-site request forgery CSRF vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote attackers to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settings parameters...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote attackers to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settings parameters...
CVE-2012-0990
The CVE-2012-0990 issue affects DClassifieds 0.1 final and is a Cross-site Request Forgery (CSRF) in admin/settings/update. The underlying flaw allows an attacker to hijack an administrator’s session to modify settings (e.g., administrator password or email) via crafted Settings[] parameters. Exp...
CVE-2012-0990
Cross-site request forgery CSRF vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote attackers to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settings parameters...
DClassifieds 0.1 Final Cross Site Request Forgery
Advisory ID: HTB23067 Reference: https://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryindclassifieds.html Product: DClassifieds Vendor: www.dclassifieds.eu http://www.dclassifieds.eu/ Vulnerable Version: 0.1 final and probably prior Tested Version: 0.1 final Vendor Notification: 04 January...
DClassifieds 0.1 final - Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/51671/info DClassifieds is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also...
DClassifieds 0.1 final - Cross-Site Request Forgery
DClassifieds 0.1 final - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/51671/info DClassifieds is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to...
CSRF (Cross-Site Request Forgery) in DClassifieds
High-Tech Bridge SA Security Research Lab has discovered vulnerability in DClassifieds, which can be exploited to perform Сross-Site Request Forgery CSRF attacks. 1 Cross-site request forgery CSRF in DClassifieds: CVE-2012-0990 The application allows authorized users to perform certain actions vi...