Profile Builder and Profile Builder Pro < 3.1.1 - User Registration With Administrator Role

The plugin is affected by a broken authentication vulnerability, allowing unauthenticated users to register or edit their account and gain the Administrator role using the plugin's forms. The vulnerability only exists in the Plugin's own generated Registration Form or Profile Edit Form. This mean...

Vacation Rental Script 4.0 Cross Site Request Forgery

Exploit Title: Vacation Rental Script v4.0 XSRF VULNERABILTY Google Dork: "2006 - 2009 Vacation Rental Script" Date: 24.12.2010 Author: OnurTURKESHAN Software Link: http://www.vacationrentalscript.com/ Version: v.4.0 Tested on: v4.0 TEsted +WorKs ResPecT My FrienDz :...