Lucene search
K

68 matches found

NVD
NVD
added 2019/04/20 3:29 p.m.58 views

CVE-2019-11374

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI...

8.8CVSS8.6AI score0.09853EPSS
Exploits5References3
Prion
Prion
added 2019/04/11 2:29 a.m.21 views

Cross site request forgery (csrf)

FastAdmin V1.0.0.20190111beta has a CSRF vulnerability to add a new admin user via the admin/auth/admin/add?dialog=1 URI...

6.8CVSS8.6AI score0.00628EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/04/11 2:29 a.m.22 views

CVE-2019-11078

MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the ucenter/userinfo.php URI...

8.8CVSS8.7AI score0.00614EPSS
Exploits1References1
OSV
OSV
added 2019/03/27 6:29 p.m.5 views

CVE-2019-10237

S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040...

8.8CVSS7.3AI score0.00614EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2019/03/12 12:0 a.m.67 views

PilusCart 1.4.1 - Cross-Site Request Forgery (Add Admin)

Exploit Title: PilusCart 1.4.1 - Cross-Site Request Forgery Add Admin Google Dork: N/A Date: 10-03-2019 Exploit Author: Gionathan "John" Reale Vendor Homepage: https://github.com/piluscart Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2019/03/10 12:0 a.m.204 views

DirectAdmin 1.55 - CMD_ACCOUNT_ADMIN Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit title: DirectAdmin v1.55 - CSRF via CMDACCOUNTADMIN Admin Panel Exploit Author: ManhNho Vendor Homepage: https://www.directadmin.com/ Software Link: https://www.directadmin.com/ Demo Link: https://www.directadmin.com:2222/CMDACCOUNTADM...

6.8CVSS8.7AI score0.02435EPSS
Exploits5
Exploit DB
Exploit DB
added 2019/03/08 12:0 a.m.75 views

DirectAdmin 1.55 - 'CMD_ACCOUNT_ADMIN' Cross-Site Request Forgery

Exploit title: DirectAdmin v1.55 - CSRF via CMDACCOUNTADMIN Admin Panel Date: 03/03/2019 Exploit Author: ManhNho Vendor Homepage: https://www.directadmin.com/ Software Link: https://www.directadmin.com/ Demo Link: https://www.directadmin.com:2222/CMDACCOUNTADMIN Version: 1.55 CVE: CVE-2019-9625...

8.8CVSS8.8AI score0.02435EPSS
Exploits5
OSV
OSV
added 2019/03/07 3:29 p.m.6 views

CVE-2019-9625

JBMC DirectAdmin 1.55 allows CSRF via the /CMDACCOUNTADMIN URI to create a new admin account...

8.8CVSS7.3AI score0.02435EPSS
Exploits5References2
Exploit DB
Exploit DB
added 2018/02/05 12:0 a.m.118 views

HPE iLO 4 < 2.53 - Add New Administrator User

!/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769enus Other...

10CVSS9.5AI score0.99335EPSS
Exploits9
OSV
OSV
added 2018/01/30 9:29 p.m.2 views

CVE-2018-6408

An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account...

8.8CVSS5.8AI score
Exploits0References1
Packet Storm
Packet Storm
added 2018/01/24 12:0 a.m.53 views

Photography CMS 1.0 Cross Site Request Forgery

New Admin Username: Password: Confirm Password: Email: $"ekleabi".live'click',function $.ajax type: "POST", url: "http://ronnieswietek.com/cc/clients/resources/ajax/ajaxnewadmin.php", data: username:$".efe username".val, password1:$".efe password1".val, password2:$".efe password2".val, email:$".e...

8.7AI score0.01385EPSS
Exploits4
Exploit DB
Exploit DB
added 2017/06/07 12:0 a.m.50 views

Robert 0.5 - Multiple Vulnerabilities

Exploit Title: Robert 0.5 - Multiple Vulnerabilities XSS, CSRF, Directory traversal & SQLi Date: 07/06/2017 Exploit Author: Cyril Vallicari / HTTPCS - ZIWIT Vendor website :http://robert.polosson.com/ Download link : https://github.com/RobertManager/robert/archive/master.zip Live demo :...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/06/11 12:0 a.m.40 views

FiverrScript CSRF Vulnerability (Add New Admin) Vulnerability

Exploit for php platform in category web applications Exploit Title: FiverrScript CSRF Vulnerability add New admin Author: Mahmoud Gamal @Zombiehelp54 Google Dork: intext:Powered by FiverrScript Date: 10/06/2015 Exploit Author: Scriptolution Vendor Homepage: http://scriptolution.com Software Link...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2015/02/24 12:0 a.m.33 views

EVO-CMS 2.1.0 Cross Site Request Forgery

Affected software: evo cms Type of vulnerability: adding new admin csrf URL: http://www.evo-german.com/ Discovered by: Provensec Website: http://www.provensec.com version:EVO-CMS 2.1.0 Proof of concept attacker was able to add new admin as there were no protection against csrf poc poc: input...

0.8AI score
Exploits0
Cvelist
Cvelist
added 2014/12/08 4:0 p.m.19 views

CVE-2014-9344

Cross-site request forgery CSRF vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new admin account via a submit action in the admin/accounts/create uri to snowfox/...

7AI score0.02341EPSS
Exploits2References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

dotProject 2.1.5 CSRF Vulnerability

No description provided by source. Source: http://packetstormsecurity.org/files/view/98245/dotProject2.1.5-xsrf.txt !------------------------------------------------------------------------ Software................dotProject 2.1.5 Vulnerability...........Cross-site Request Forgery...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

AdaptCMS_Lite_1.5 2009-07-07

No description provided by source. =========================================================================== Topic : AdaptCMSLite1.5 2009-07-07 Bug type : change admin user,passwd & add new admin user exploit Download :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.24 views

Libera CMS <= 1.12 (Cookie) Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl ---------------------------------------------------------- Libera CMS = 1.12 Cookie Remote SQL Injection Exploit Perl Exploit - Add a new admin with your credentials! Author: StAkeR - StAkeRathotmaildotit...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2013/07/10 12:0 a.m.67 views

Zoom X4/X5 ADSL Modem and Router -Unauthenticated Remote Root Command Execution

Vulnerable Products - Zoom X4 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Zoom X5 ADSL Modem and Router running Nucleus/4.3 UPnP/1.0Virata-EmWeb/R620 Server All GS Firmware versions Note: A similar vulnerability was reported several years ag...

0.8AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2012/12/20 12:0 a.m.23 views

Symantec Messaging Gateway Save.do Cross Site Request Forgery (CVE-2012-0308)

A cross-site request forgery CSRF vulnerability has been reported in Symantec Messaging Gateway. The vulnerability is due to errors while validating user input. A remote attacker can exploit this vulnerability by enticing a user to open a specially crafted URI. Successful exploitation would allow...

6.8CVSS6.3AI score0.01923EPSS
Exploits0
Rows per page
Query Builder