19 matches found
China-Linked Twill Typhoon Uses Fake Apple and Yahoo Sites for Espionage
A new Darktrace report reveals how Chinese hackers use fake Apple and Yahoo sites and the FDMTP malware framework to spy on organisations...
EUVD-2021-2340
Malware in sbrugna...
Malicious code in test-mlw2-visto-twill (npm)
The package test-mlw2-visto-twill was found to contain malicious code...
MAL-2025-36585 Malicious code in test-mlw2-visto-twill (npm)
The package test-mlw2-visto-twill was found to contain malicious code...
CVE-2021-3932
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
Twill Cross-Site Request Forgery Vulnerability
Twill is an open source CMS toolkit for Laravel. It is used to help developers quickly create an intuitive, powerful and flexible custom management console. Twill cross-site request forgery vulnerability: the vulnerability stems from the software in the login authentication process using GET request...
GHSA-F99G-PG48-WRFC twill is vulnerable to Cross-Site Request Forgery (CSRF)
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
twill is vulnerable to Cross-Site Request Forgery (CSRF)
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
Cross-site Request Forgery (CSRF)
area17/twill is vulnerable to cross-site request forgery. The vulnerability exists due to the use of an insecure GET request, which allows an attacker to use the script src="" to log out any user who visits the attacker's website...
CVE-2021-3932
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
CVE-2021-3932
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
Cross site request forgery (csrf)
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
CVE-2021-3932 Cross-Site Request Forgery (CSRF) in area17/twill
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
CVE-2021-3932
Twill (Laravel-based CMS toolkit) is affected by a Cross-Site Request Forgery (CSRF) vulnerability identified as CVE-2021-3932. The vulnerability stems from using GET requests in the login/authentication flow instead of POST, enabling CSRF attacks that can be triggered by an attacker within a use...
Twill Cross-Site Request Forgery Vulnerability
Twill is an open source CMS toolkit for Laravel. It is used to help developers quickly create an intuitive, powerful and flexible custom management console. Twill cross-site request forgery vulnerability: the vulnerability stems from the software in the login authentication process using GET request...
Cross-Site Request Forgery (CSRF)
twill is vulnerable to Cross-Site Request Forgery (CSRF)...
Cross-Site Request Forgery (CSRF) in area17/twill
Description: Attacker is able to log out a user if a logged-in user visits attacker website. Impact: This vulnerability is capable of forging user to unintentional logout. Test: Tested on Edge, Firefox, Chrome and Safari. Fix: You should use POST instead of GET. To expand: One way GET could be abused...
Cross-site Scripting (XSS) - Reflected in area17/twill
Description: The application is vulnerable to a reflected cross-site scripting attack. URL: /contact/offices/ Parameter: offset. Proof of Concept: Open the following URL in the browser for POC...
ctshirts.com XSS vulnerability
Open Bug Bounty ID: OBB-453620. Affected Website: ctshirts.com. Vulnerable Application: Custom Code. Vulnerability Type: XSS Cross Site Scripting / CWE-79. CVSSv3 Score: 6.1...