17 matches found
EUVD-2009-4352
Malware in sbrugna...
EUVD-2009-4353
Malware in sbrugna...
Ez Poll Hoster - Multiple XSS and CSRF Vulnerabilities
No description provided by source. ----------------------------------------------------------------------------------------------- Title: Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in Scriptsez.net Ez Poll Hoster EPH allow remote attackers to 1 hijack the authentication of arbitrary users for requests that delete polls via the deletepoll action to index.php; and hijack the authentication of administrators for requests...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Scriptsez.net Ez Poll Hoster EPH allow remote attackers to inject arbitrary web script or HTML via the 1 pid parameter in a code action to index.php and the 2 uid parameter in a view action to profile.php...
CVE-2009-4385
Multiple cross-site request forgery CSRF vulnerabilities in Scriptsez.net Ez Poll Hoster EPH allow remote attackers to 1 hijack the authentication of arbitrary users for requests that delete polls via the deletepoll action to index.php; and hijack the authentication of administrators for requests...
CVE-2009-4384
Multiple cross-site scripting XSS vulnerabilities in Scriptsez.net Ez Poll Hoster EPH allow remote attackers to inject arbitrary web script or HTML via the 1 pid parameter in a code action to index.php and the 2 uid parameter in a view action to profile.php...
CVE-2009-4385
CVE-2009-4385 describes multiple CSRF vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH). Attackers can hijack user authentication to perform delete_poll (index.php) and administrator authentication to delete users (admin.php) or send arbitrary email (admin.php). The affected components are th...
CVE-2009-4384
Multiple cross-site scripting XSS vulnerabilities in Scriptsez.net Ez Poll Hoster EPH allow remote attackers to inject arbitrary web script or HTML via the 1 pid parameter in a code action to index.php and the 2 uid parameter in a view action to profile.php...
CVE-2009-4385
Multiple cross-site request forgery CSRF vulnerabilities in Scriptsez.net Ez Poll Hoster EPH allow remote attackers to 1 hijack the authentication of arbitrary users for requests that delete polls via the deletepoll action to index.php; and hijack the authentication of administrators for requests...
CVE-2009-4384
CVE-2009-4384 affects Scriptsez.net Ez Poll Hoster (EPH). The vulnerabilities are cross-site scripting (XSS) via two parameters: the pid parameter in a code action to index.php and the uid parameter in a view action to profile.php. Root cause: insufficient input validation allowing injection of a...
Ez Poll Hoster XSS / XSRF
----------------------------------------------------------------------------------------------- Title: Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...
Ez Poll Hoster - Multiple Cross-Site Scripting Vulnerabilities
Ez Poll Hoster - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/41742/info Ez Poll Hoster is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issue...
Ez Poll Hoster - Multiple Cross-Site Scripting Cross-Site Request Forgery Vulnerabilities
Ez Poll Hoster - Multiple Cross-Site Scripting Cross-Site Request Forgery Vulnerabilities ----------------------------------------------------------------------------------------------- Title: Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities Author: Milos Zivanovic Email:...
Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities
Exploit for unknown platform in category web applications ==================================================== Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities ====================================================...
Ez Poll Hoster - Multiple Cross-Site Scripting / Cross-Site Request Forgery Vulnerabilities
----------------------------------------------------------------------------------------------- Title: Ez Poll Hoster Multiple XSS and XSRF Vulnerabilities Author: Milos Zivanovic Email: milosz.securityatgmail.com Date: 14. December 2009...
Ez Poll Hoster - Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/41742/info Ez Poll Hoster is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an...