CVE-2024-28195 Cross-Site Request Forgery (CSRF) vulnerability in API and login in your_spotify

yourspotify is an open source, self hosted Spotify tracking dashboard. YourSpotify versions 1.9.0 do not protect the API and login flow against Cross-Site Request Forgery CSRF. Attackers can use this to execute CSRF attacks on victims, allowing them to retrieve, modify or delete data on the...

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...

74CMS 5.0.1 Cross Site Request Forgery

Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE : CVE-2019-11374 74CMS v5.0.1 has a CSRF vulnerability to add...

74CMS 5.0.1 - Cross-Site Request Forgery (Add New Admin User)

74CMS 5.0.1 - Cross-Site Request Forgery Add New Admin User Exploit Title: 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user Date: 2019-04-14 Exploit Author: ax8 Vendor Homepage: https://github.com/Li-Siyuan Software Link: http://www.74cms.com/download/index.html Version: v5.0.1 CVE :...

Cross site request forgery (csrf)

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI...

CVE-2019-11374

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI...

CVE-2019-11374

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI...

Cross site request forgery (csrf)

FastAdmin V1.0.0.20190111beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI...

CVE-2019-11078

MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...

CVE-2019-10237

S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040...

HPE iLO 4 < 2.53 - Add New Administrator User

!/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769enus Other...

Symantec Messaging Gateway Save.do Cross Site Request Forgery (CVE-2012-0308)

A cross-site request forgery CSRF vulnerability has been reported in Symantec Messaging Gateway. The vulnerability is due to errors while validating user input. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted URI. Successful exploitation would allow...

NinkoBB 1.3RC4 Cross Site Request Forgery

change admin user,passwd & add new admin user exploit Author: ItSecTeam download from:http://ninkobb.com/releases/?NinkoBB-1.3RC4.zip script:NinkoBB 1.3RC4 update:2010 ----------------------------------------- xpl: coded by ahmadbady Admin Control Panel - Editing User Username Settings banned...

MyBulletinBoard (MyBB) <= 1.1.5 (CLIENT-IP) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================= MyBulletinBoard MyBB = 1.1.5 CLIENT-IP SQL Injection Exploit ================================================================= !/usr/bin/php -q -d shortopentag=on ? echo...