CVE-2023-26579

Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows deletion of staff information by unauthenticated attackers...

PT-2023-20745 · Idweb · Idweb

Name of the Vulnerable Software and Affected Versions: IDWeb application version 3.1.013 Description: The issue concerns missing authentication in the DeleteStaff method, allowing unauthenticated attackers to delete staff information. Recommendations: For version 3.1.013, ensure proper...

CVE-2023-0761

The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack...

TheHostingTool 1.2.2 Cross Site Request Forgery

Date: Mon 12 Jul 2010 01:19:52 PM EEST Vendor: http://thehostingtool.com/ Download: http://thehostingtool.googlecode.com/files/THT-v1.2.2.zip --- -= CSRF PoC 1 - Create Staff Account =- TheHostingTool 1.2.2 Multiple CSRF Vulnerabilities - Create Staff Account -= CSRF PoC 2 - Delete Staff Account ...

TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities

TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities Date: Mon 12 Jul 2010 01:19:52 PM EEST Vendor: http://thehostingtool.com/ Download: http://thehostingtool.googlecode.com/files/THT-v1.2.2.zip --- -= CSRF PoC 1 - Create Staff Account =- TheHostingTool 1.2.2 Multiple CSRF...

TheHostingTool 1.2.2 - Multiple Cross-Site Request Forgery Vulnerabilities

Date: Mon 12 Jul 2010 01:19:52 PM EEST Vendor: http://thehostingtool.com/ Download: http://thehostingtool.googlecode.com/files/THT-v1.2.2.zip --- -= CSRF PoC 1 - Create Staff Account =- TheHostingTool 1.2.2 Multiple CSRF Vulnerabilities - Create Staff Account -= CSRF PoC 2 - Delete Staff Account ...