VCalendar 1.1.5 CSRF Vulnerability

No description provided by source. Vulnerability ID: HTB22969 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinvcalendar.html Product: VCalendar Vendor: UltraApps http://ultraapps.com Vulnerable Version: 1.1.5 Vendor Notification: 21 April 2011 Vulnerability Type: CSRF...

HTB22969: CSRF (Cross-Site Request Forgery) in VCalendar

Vulnerability ID: HTB22969 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinvcalendar.html Product: VCalendar Vendor: UltraApps http://ultraapps.com Vulnerable Version: 1.1.5 Vendor Notification: 21 April 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level:...

VCalendar 1.1.5 - Cross-Site Request Forgery

VCalendar 1.1.5 - Cross-Site Request Forgery Vulnerability ID: HTB22969 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinvcalendar.html Product: VCalendar Vendor: UltraApps http://ultraapps.com Vulnerable Version: 1.1.5 Vendor Notification: 21 April 2011 Vulnerability Type:...

VCalendar 1.1.5 Cross Site Request Forgery

Vulnerability ID: HTB22969 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinvcalendar.html Product: VCalendar Vendor: UltraApps http://ultraapps.com Vulnerable Version: 1.1.5 Vendor Notification: 21 April 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level:...

VCalendar 1.1.5 CSRF Vulnerability

Exploit for php platform in category web applications Product: VCalendar Vendor: UltraApps http://ultraapps.com Vulnerable Version: 1.1.5 Vendor Notification: 21 April 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level: Low Credit: High-Tech Bridge SA Security Research Lab...

VCalendar 1.1.5 - Cross-Site Request Forgery

Vulnerability ID: HTB22969 Reference: http://www.htbridge.ch/advisory/csrfcrosssiterequestforgeryinvcalendar.html Product: VCalendar Vendor: UltraApps http://ultraapps.com Vulnerable Version: 1.1.5 Vendor Notification: 21 April 2011 Vulnerability Type: CSRF Cross-Site Request Forgery Risk level:...

CVE-2005-4453

UserProfile.cs in Ultraapps Issue Manager before 2.1 allows remote authenticated users to gain administrator privileges by modifying the original 1 pUseruserid and 2 Useruserid parameters to UserProfile.aspx, then modifying the password field...

CVE-2005-4453

CVE-2005-4453 concerns Ultraapps Issue Manager prior to 2.1. A remote authenticated user can gain administrator privileges by tampering with parameters in UserProfile.aspx (p_User_user_id and User_user_id) and then modifying the password field. No patch or remediation details are provided in the ...

CVE-2005-4453

UserProfile.cs in Ultraapps Issue Manager before 2.1 allows remote authenticated users to gain administrator privileges by modifying the original 1 pUseruserid and 2 Useruserid parameters to UserProfile.aspx, then modifying the password field...

IRM 013: Ultraapps Issue Manager is vulnerable to Privilege Escalation

---------------------------------------------------------------------- IRM Security Advisory No. 013 Ultraapps Issue Manager is vulnerable to Privilege Escalation Vulnerablity Type / Importance: Privilege Escalation / High Problem discovered: November 25th 2005 Vendor contacted: November 25th 200...