3 matches found
Admidio 3.3.5 - Cross-Site Request Forgery (Change Permissions)
Admidio 3.3.5 - Cross-Site Request Forgery Change Permissions Exploit Title: Admidio 3.3.5 - Cross-Site Request Forgery Change Permissions Author: Nawaf Alkeraithe Date: 2018-09-01 Vendor Homepage: https://www.admidio.org/ Software Link:...
Node.js third-party modules: Privilage escalation with malicious .npmrc
Hello. I'm forwarding to you my conversation with npm staff regarding security issue. It allows to escalate to root privilages of victim using either: a basic social engineering - convincing victim to run npm in attacker-controlled folder eg. repository, including such innocent ones like "npm hel...
Personal.Net Portal - Multiple Vulnerabilities
''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ ''' Abysssec Inc Public Advisory Title : Personal.Net Portal Multiple Vulnerabilities Affected Version : Personal.Net Portal Version 2.8.1 Discovery : www.Abysssec.com Vendor...