Lucene search
+L

142 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Cpanel 11.x - Edit E-mail Cross Site Request Forgery exploit

No description provided by source. Exploit Title: Cpanel 11.X Edit E-mail Cross Site Request Forgery exploit Date: 22 - 10 - 2010 Author: Mon7rF Mail : [email protected] Tested on: Windows 7 -------------------------------------------------------------------------------------- form onsubmit=return...

7.1AI score
Exploits0
NVD
NVD
added 2012/07/21 3:38 a.m.16 views

CVE-2012-2353

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section...

4CVSS5.7AI score0.0138EPSS
Exploits0References2
Prion
Prion
added 2012/07/21 3:38 a.m.18 views

Stack overflow

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section...

4CVSS6.2AI score0.0138EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2012/07/21 3:38 a.m.3 views

UBUNTU-CVE-2012-2353

Moodle 2.1.x before 2.1.6 and 2.2.x before 2.2.3 allows remote authenticated users to obtain sensitive user information from hidden fields by leveraging the teacher role and navigating to "Enrolled users" under the Users Settings section...

4CVSS5.8AI score0.0138EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2012/04/05 12:0 a.m.20 views

idev-DigiEbay 3.0 Cross Site Request Forgery

Exploit Title: idev-DigiEbay 3.0 CSRF Author: Jonturk75 Vendor or Software Link: http://idevspot.com/ Category:: webapps Demo : http://idevspot.com/demos/idev-digiebay/admin Greetz: Inj3ct0r Exploit DataBase 1337day.com ShowShowHide...

0.5AI score
Exploits0
myhack58
myhack58
added 2011/12/28 12:0 a.m.31 views

Talking about web application permissions problems-vulnerability warning-the black bar safety net

Before knowing about web permissions there might be a problem, but in reality the test encountered is relatively small, today met on record: a warrior please don't waste your valuable time A, longitudinal Stripping of the right to In General the site has many users, divided into different...

6.7AI score
Exploits0
0day.today
0day.today
added 2010/11/22 12:0 a.m.21 views

Cpanel 11.X Edit E-mail Cross Site Request Forgery Exploit

Exploit for php platform in category web applications ========================================================== Cpanel 11.X Edit E-mail Cross Site Request Forgery Exploit ========================================================== Exploit Title: Cpanel 11.X Edit E-mail Cross Site Request Forgery...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/08/28 12:0 a.m.34 views

Pc4Uploader 9.0 Cross Site Request Forgery

Exploit Title: pc4uploader XSRF Add Admin Exploit Date: 27-08-2010 Author: RENO TeaM : SauDi ViRuS TeaM SiTe: WwW.Sa-ViRuS.CoM Software Link: http://www.pc4arb.com/product-10.html SvT Pc4Uploader - XSRF Add Admin Exploit Author : RENO TeaM : SauDi ViRuS TeaM Site : WwW.Sa-ViRuS.CoM Email :...

0.9AI score
Exploits0
myhack58
myhack58
added 2009/05/10 12:0 a.m.43 views

Summary:easy is the hack attack 1 0 a vulnerability-vulnerability warning-the black bar safety net

Application-level security vulnerabilities are usually not as similar to the SirCam email virus such as Code Red this worm so easy to widely spread, but they will also cause a lot of problems, from the theft of product or information to make the entire Web site was completely paralyzed. Ensure th...

0.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2006/07/06 12:0 a.m.8 views

PT-2006-4290 · Taskjitsu · Taskjitsu

Name of the Vulnerable Software and Affected Versions: Taskjitsu versions prior to 2.0.1 Description: The issue concerns the "change password forms" in Taskjitsu, where password hashes are included in hidden form fields. This allows remote attackers to obtain sensitive information from the Catego...

5CVSS6.4AI score0.01351EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2005/11/20 12:0 a.m.22 views

almondClassifieds.txt

A vulnerability discovered in Almond Classifeds http://www.almondsoft.com/alcl.html vulnerability is due omit check of password in "editform" user can edit any add in the classifieds if we post new add we can edit our add in the "editform" section there are 2 hidden fields: by changing the number...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/06 12:0 a.m.24 views

Maxwebportal 1.30 - 'search.asp?Search' Cross-Site Scripting

source: https://www.securityfocus.com/bid/7837/info A number of vulnerabilities have been discovered in the MaxWebPortal. The issues that have been discovered include: MaxWebPortal 'search.asp' has been reported prone to a cross-site scripting vulnerability. An attacker may execute arbitrary scri...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/10/24 12:0 a.m.32 views

Price modification in Element InstantShop

===================================================================== Securax-SA-07 Security Advisory belgian.networking.security Dutch ===================================================================== Topic: Price modification in Element InstantShop Announced: 2000-10-23 Updated: 2000-10-23...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2000/10/10 12:0 a.m.42 views

DST2K0036: Price modification possible in CyberOffice Shopping Ca rt

All, We have released this with the permission of the vendor. Rgds Ollie ----- Ollie Whitehouse Security Team Leader tel: +44 020 79160200 ============================================================================ Delphis Consulting Plc...

6.9AI score
Exploits0
CVE
CVE
added 2000/02/08 5:0 a.m.56 views

CVE-2000-0101

The CVE-2000-0101 entry concerns the Make-a-Store OrderPage shopping cart, where remote users can modify sensitive purchase information via hidden form fields in the application. Connected PT-2000-1089 confirms the vulnerable software as Make-a-Store OrderPage (affected versions not specified) an...

7.5CVSS6.7AI score0.0215EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2000/02/08 5:0 a.m.60 views

CVE-2000-0110

CVE-2000-0110 affects the WebSiteTool shopping cart application, where remote attackers can modify sensitive purchase information by manipulating hidden form fields in the shopping cart. The PT-2000-1098 entry corroborates this description but does not specify affected versions or a fix. No explo...

7.5CVSS6.7AI score0.02032EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2000/02/08 5:0 a.m.49 views

CVE-2000-0135

CVE-2000-0135 affects the @Retail shopping cart application. NVD notes remote attackers can modify sensitive purchase information via hidden form fields, with a CVSS v2 base score of 7.5 (NETWORK, LOW complexity, NONE auth, partial impact across confidentiality, integrity, and availability). Conn...

7.5CVSS6.7AI score0.02146EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/02/08 5:0 a.m.22 views

CVE-2000-0101

The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

6.3AI score0.0215EPSS
Exploits0References1
Cvelist
Cvelist
added 2000/02/08 5:0 a.m.16 views

CVE-2000-0106

The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields...

6.3AI score0.02032EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2000/02/01 12:0 a.m.5 views

PT-2000-1092 · Shoptron · Shoptron Shopping Cart Application

Name of the Vulnerable Software and Affected Versions: Shoptron shopping cart application affected versions not specified Description: The issue allows remote users to modify sensitive purchase information via hidden form fields. Recommendations: At the moment, there is no information about a new...

7.5CVSS6.3AI score0.02085EPSS
Exploits0References2
Rows per page
Query Builder