Lucene search
K

31 matches found

securityvulns
securityvulns
added 2011/03/23 12:0 a.m.41 views

PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability

PHP-Nuke 8.x = Cross Site Request Forgery CSRF / Anti-CSRF Bypass Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower versions are vulnerable to Cross Site Request Forgery CSRF because its Anti-CSRF mechanism Referer Check is found to be broken. 2. BACKGROUND PHP-Nuke is a Web Portal...

0.3AI score
Exploits0
NVD
NVD
added 2010/03/03 7:30 p.m.25 views

CVE-2010-0921

Cross-site request forgery CSRF vulnerability in IBM Lotus iNotes aka Domino Web Access or DWA before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."...

6.8CVSS6.9AI score0.00576EPSS
Exploits0References4
Prion
Prion
added 2010/03/03 7:30 p.m.20 views

Cross site scripting

Cross-site scripting XSS vulnerability in IBM Lotus iNotes aka Domino Web Access or DWA before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."...

4.3CVSS5.8AI score0.0103EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2010/03/03 7:30 p.m.30 views

CVE-2010-0920

Cross-site scripting XSS vulnerability in IBM Lotus iNotes aka Domino Web Access or DWA before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."...

4.3CVSS5.5AI score0.0103EPSS
Exploits0References3
CVE
CVE
added 2010/03/03 7:0 p.m.49 views

CVE-2010-0921

IBM Lotus iNotes (aka Domino Web Access) prior to 229.281 for Domino 8.0.2 FP4 is affected by a CSRF vulnerability that could allow an attacker to hijack the authentication of unspecified victims due to missing XSS/CSRF Get Filter and Referer Check fixes. Affected component: iNotes/DWA on Domino ...

6.8CVSS7.1AI score0.00576EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2010/03/03 7:0 p.m.17 views

CVE-2010-0921

Cross-site request forgery CSRF vulnerability in IBM Lotus iNotes aka Domino Web Access or DWA before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes."...

6.9AI score0.00576EPSS
Exploits0References4
myhack58
myhack58
added 2009/12/31 12:0 a.m.25 views

Seven jubilee dance music management system v3. 0 0day analysis-vulnerability warning-the black bar safety net

!-- Include File="CmsDj. Conn. asp" - !-- Include File="CmsDj. Function. asp" - % Fromurl = CstrRequest. ServerVariables"HTTPREFERER" Servurl = CstrRequest. ServerVariables"SERVERNAME" If midFromurl,8,lenServurl Servurl Then //determine the REFERER Response. Write "does not support external links...

Exploits0
myhack58
myhack58
added 2009/07/21 12:0 a.m.13 views

sablog1. 6 CSRF vulnerability POC-vulnerability warning-the black bar safety net

sablog1. 6 CSRF vulnerability POC. This in my blog, The test is successful, the official download the latest version of the test is successful, but in Ozawa blog failure. The reason is his own modified source program, to determine the referer's. POC: Comments, web site address Enter:...

7.1AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2009/01/09 6:54 a.m.2 views

MODx cross-site request forgery vulnerability

Overview MODx, an open source contents management system, contains a cross-site request forgery vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

6CVSS6.6AI score0.00479EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2007/03/20 12:0 a.m.9 views

PT-2007-2910 · Php Nuke · Php-Nuke

Name of the Vulnerable Software and Affected Versions: PHP-Nuke versions 8.0 and earlier Description: The issue concerns a problem with cross-site request forgery CSRF protection. It does not properly validate the HTTP REFERER, allowing remote attackers to conduct CSRF attacks. Recommendations: F...

6.8CVSS6.8AI score0.00779EPSS
Exploits1References10
securityvulns
securityvulns
added 2004/02/09 12:0 a.m.35 views

formmail (PHP) Upload file using CSS

Informations : °°°°°°°°°°°°°° Website : http://www.dtheatre.com/scripts/ Version : all Problem : Upload file PHP Code/Location : °°°°°°°°°°°°°°°°°°° formmail.php : ------------------------------------------------------------------ function checkreferer$referers if count$referers $found = false;...

0.3AI score
Exploits0
Rows per page
Query Builder