15 matches found
EUVD-2008-6448
Malware in sbrugna...
Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-Site Request Forgery Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28593/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacker to use a victim's currently active session to change the victim's passwor...
kernel security update
CentOS Errata and Security Advisory CESA-2010:0046 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft build 3.0.0-25.4.swsoft allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd...
CVE-2008-6479
Cross-site request forgery CSRF vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft build 3.0.0-25.4.swsoft allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd...
CVE-2008-6478
Cross-site request forgery CSRF vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft build 4.0.0-365.6.swsoft and 25.4.swsoft build 3.0.0-25.4.swsoft allows remote attackers to create and delete arbitrary files as the administrator via a link or IMG tag...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft build 4.0.0-365.6.swsoft and 25.4.swsoft build 3.0.0-25.4.swsoft allows remote attackers to create and delete arbitrary files as the administrator via a link or IMG tag...
CVE-2008-6479
The CVE-2008-6479 entry describes a CSRF vulnerability affecting Parallels Virtuozzo 25.4.swsoft (build 3.0.0-25.4.swsoft) in the VZPP web interface. The flaw allows remote attackers to modify the password via a crafted link or IMG tag to vz/cp/pwd. The vulnerability is tied to the web interface’...
CVE-2008-6478
Cross-site request forgery CSRF vulnerability in the file manager in the VZPP web interface for Parallels Virtuozzo 365.6.swsoft build 4.0.0-365.6.swsoft and 25.4.swsoft build 3.0.0-25.4.swsoft allows remote attackers to create and delete arbitrary files as the administrator via a link or IMG tag...
CVE-2008-6479
Cross-site request forgery CSRF vulnerability in the "change password" feature in the VZPP web interface for Parallels Virtuozzo 25.4.swsoft build 3.0.0-25.4.swsoft allows remote attackers to modify the password via a link or IMG tag to vz/cp/pwd...
CVE-2008-6478
CVE-2008-6478 describes a CSRF vulnerability in the file manager of the VZPP web interface for Parallels Virtuozzo 365.6.swsoft (build 4.0.0-365.6.swsoft) and 25.4.swsoft (build 3.0.0-25.4.swsoft). The flaw allows remote attackers to perform administrator-level actions by enticing a user to load ...
Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/28593/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacker to use a victim's currently active session to change the victim's password. Successful exploits will...
Parallels Virtuozzo Containers 3.0.0-25.44.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery
Parallels Virtuozzo Containers 3.0.0-25.44.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/28589/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacke...
Parallels Virtuozzo Containers 3.0.0-25.4/4.0.0-365.6 VZPP Interface File Manger - Cross-Site Request Forgery
source: https://www.securityfocus.com/bid/28589/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacker to use a victim's currently active session to perform certain file-management actions with the privileges o...
Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-Site Request Forgery
Parallels Virtuozzo Containers 3.0.0-25.4.swsoft VZPP Interface Change Pass - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/28593/info Parallels Virtuozzo Containers is prone to a cross-site request-forgery vulnerability. Exploiting the issue will allow a remote attacker to...