14 matches found
EUVD-2017-4314
Malware in sbrugna...
Question2Answer User Account Creation Vulnerability
Question2Answer is a PHP implementation of the class StackOverflow website question and answer system . A security vulnerability exists in the qa-include/qa-install.php file in Question2Answer versions prior to 1.7.5. A remote attacker can exploit this vulnerability to create multiple user accoun...
CVE-2017-12775
qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts...
CVE-2017-12775
qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts...
Code injection
qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts...
CVE-2017-12775
qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts...
CVE-2017-12775
CVE-2017-12775 affects Question2Answer (qa-install.php) prior to version 1.7.5. The vulnerability allows remote attackers to create multiple user accounts, due to an issue in the installation script. Exploitation details are not explicitly provided beyond the description in the connected sources;...
Question2Answer 1.7 Cross Site Scripting
Title: Script Question2Answer 1.7 - Stored XSS Vulnerability + Author: s0w + Tested On Windows & Linux + Date: 21/03/2015 + Type: Web Application + Script Download: https://github.com/q2a/question2answer + Vendor Homepage: http://www.question2answer.org + Vulnerability...
Exploit for stealing admin's account in Question2Answer
Hello! Here is exploit for stealing admin's account in Question2Answer. This exploit uses Cross-Site Request Forgery vulnerability at http://site/account and Insufficient Anti-automation vulnerabilities at http://site/forgot and http://site/reset, which I've described in the second advisory about...
Question2Answer Cross Site Request Forgery
Hello! Here is exploit for stealing admin's account in Question2Answer. This exploit uses Cross-Site Request Forgery vulnerability at http://site/account and Insufficient Anti-automation vulnerabilities at http://site/forgot and http://site/reset, which I've described in the second advisory about...
BF, IAA and CSRF vulnerabilities in Question2Answer
Hello 3APA3A! These are Brute Force, Insufficient Anti-automation and Cross-Site Request Forgery vulnerabilities in Question2Answer. This is the first part of vulnerabilities in this web application. ------------------------- Affected products: ------------------------- Vulnerable are all version...
Question2Answer 1.5.3 CSRF / Brute Force Vulnerability
Exploit for php platform in category web applications These are Brute Force, Insufficient Anti-automation and Cross-Site Request Forgery vulnerabilities in Question2Answer. This is the first part of vulnerabilities in this web application. ------------------------- Affected products:...
Question2Answer 1.5.3 CSRF / Brute Force
Hello list! These are Brute Force, Insufficient Anti-automation and Cross-Site Request Forgery vulnerabilities in Question2Answer. This is the first part of vulnerabilities in this web application. ------------------------- Affected products: ------------------------- Vulnerable are all versions ...
Question2Answer - Cross-Site Request Forgery
Question2Answer - Cross-Site Request Forgery source: https://www.securityfocus.com/bid/58414/info Question2Answer is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions and gain access to the affected...