EZGenerator跨站请求伪造漏洞

EZGenerator是一个网站建设和内容管理系统。 The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. create an administrative account when a logged-in administrative user visits a specially crafted web...

EZGenerator Cross Site Request Forgery / File Disclosure

EZGenerator – Local File Disclosure/Admin Data/CSRF Vulnerability ================================================================= .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Dork : inurl:”utils.php?action=...

EZGenerator - Local File Disclosure / Cross-Site Request Forgery

source: https://www.securityfocus.com/bid/64740/info EZGenerator is prone to a local file-disclosure vulnerability and a cross-site request-forgery vulnerability. An attacker may leverage these issues to perform unauthorized actions in the context of a logged-in user, or obtain sensitive...

EZGenerator - Local File Disclosure Cross-Site Request Forgery

EZGenerator - Local File Disclosure Cross-Site Request Forgery source: https://www.securityfocus.com/bid/64740/info EZGenerator is prone to a local file-disclosure vulnerability and a cross-site request-forgery vulnerability. An attacker may leverage these issues to perform unauthorized actions i...