3 matches found
woltlab3-xsrf.txt
WoltLab Burning Board 3.x.x PM Delete Cross-Site Request Forgery Vulnerability by NBBN. Founded: 25 December 2007 Examples: http://domain.tld/wbb3/index.php?page=PM&action=delete&pmID=pmid http://domain.tld/wbb3/index.php?page=PM&action=delete&pmID=1 Fix: Wait for a fix. Or never surf in other...
WoltLab Burning Board 3.x.x Private Message Delete XSRF Vulnerability
WoltLab Burning Board 3.x.x PM Delete Cross-Site Request Forgery Vulnerability by NBBN. Founded: 25 December 2007 Examples: http://domain.tld/wbb3/index.php?page=PMaction=deletepmID=pmid http://domain.tld/wbb3/index.php?page=PMaction=deletepmID=1 Fix: Wait for a fix. Or never surf in other sites,...
phpbb2022-xsrf.txt
phpBB 2.0.22 Remote PM Delete XSRF Vulnerability by NBBN Type: Cross-Site Request Forgery Founded: December 2007 An attacker can send a link via pm to a site with the follow html code to a victim and all victim's pm's are going to be deleted when he click the link. Code Vuln Versions: I've tested...