EUVD-2018-21863

Smartshop 1 contains a cross-site request forgery vulnerability that allows attackers to modify user profiles by tricking authenticated users into submitting malicious requests. Attackers can craft HTML forms targeting editprofile.php with hidden fields for email and password parameters that...

CVE-2019-25322 Heatmiser Netmonitor 3.03 - Hardcoded Credentials

Heatmiser Netmonitor 3.03 contains a hardcoded credentials vulnerability in the networkSetup.htm page with predictable admin login credentials. Attackers can access the device by using the hard-coded username 'admin' and password 'admin' in the hidden form input fields...

CVE-2020-37145

HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious HTML page with hidden form fields to trick authenticated administrators into creating new user...

EUVD-2000-0105

Malware in sbrugna...

EUVD-2004-2050

Malware in sbrugna...

EUVD-2000-0107

Malware in sbrugna...

EUVD-2000-0135

Malware in sbrugna...

EUVD-2000-0101

Malware in sbrugna...

EUVD-2000-0122

Malware in sbrugna...

EUVD-2000-0109

Malware in sbrugna...

EUVD-2000-0100

Malware in sbrugna...

EUVD-2000-0133

Malware in sbrugna...

EUVD-2000-0136

Malware in sbrugna...

EUVD-2002-2280

Malware in sbrugna...

EUVD-2000-0252

Malware in sbrugna...

EUVD-2002-1445

Malware in sbrugna...

SUSE CVE-2010-1125

The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus metho...

WordPress PayPal Checkout Payment Gateway 1.6.8 Plugin - Parameter Tampering Vulnerability

Exploit for php platform in category web applications WordPress PayPal Checkout Payment Gateway 1.6.8 Plugin - Parameter Tampering Exploit Title: cgi-bin/webscr?cmd=cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter...

LocalTapiola: Suspicious browser fingerprinting(?) scripts on http://www.lahitapiola.fi/ redirector

I was doing some routine scanning of my Internet traffic at work I work as a Security Researcher for Forcepoint and noticed that my IDS popped up alarms of a ton of suspicious behaviour when I was trying to access http://www.lahitapiola.fi/ front page. It turned out that there seems to be a lot o...

b2evolution 3.3.3 - Cross-Site Request Forgery

---------------------------------------------------------------------------- : Exploit Title: b2evolution 3.3.3 Cross site request forgery : : Date: 05/07/2010 & 23/07/1431 H : : Author: saudi0hacker : : Software Link: http://b2evolution.net/downloads/index.html : : Version: 3.3.3 : : Tested on:...