9 matches found
CVE-2022-2821
Missing Critical Step in Authentication in GitHub repository namelessmc/nameless prior to v2.0.2...
CVE-2022-2820
Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2...
CVE-2022-2820 Session Fixation in namelessmc/nameless
Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2...
CVE-2022-2820 Session Fixation in namelessmc/nameless
Session Fixation in GitHub repository namelessmc/nameless prior to v2.0.2...
CVE-2022-2821 Missing Critical Step in Authentication in namelessmc/nameless
Missing Critical Step in Authentication in GitHub repository namelessmc/nameless prior to v2.0.2...
Cross-Site Request Forgery (CSRF) in namelessmc/nameless
Description Several endpoints are vulnerable to CSRF 1: module install /index.php?route=/panel/core/modules/&action=install 2: clear template cache /index.php?route=/panel/core/paneltemplates/&action=clearcache 3: install templates, activate template, deactivate template, delete template,...
Cross-Site Request Forgery (CSRF) in namelessmc/nameless
✍️ Description csrf bug to stick a topic 🕵️♂️ Proof of Concept Bellow url is vulnerable to csrf attack to stick a topic . http://localhost/nameless/index.php?route=/forum/stick/&tid=1 💥 Impact csrf bug to stick a topic...
Cross-Site Request Forgery (CSRF) in namelessmc/nameless
✍️ Description csrf bug to follow a topic 🕵️♂️ Proof of Concept i see everywhere is csrf token checking . But in this case csrf token checking is missing .\ Bellow url is vulnerable to csrf attack to follow a topic . http://localhost/nameless/index.php?route=/forum/topic/1/&action=follow 💥 Impact...
Cross-Site Request Forgery (CSRF) in namelessmc/nameless
✍️ Description csrf bug to lock a topic 🕵️♂️ Proof of Concept i see everywhere is csrf token checking . But in this case csrf token checking is missing .\ Bellow url is vulnerable to csrf attack to lock a topic . http://localhost/nameless/index.php?route=/forum/lock/&tid=1 💥 Impact csrf bug to...