VikBooking < 1.6.8 - Insecure Direct Object References

Description The plugin allows direct access to menus, allowing an authenticated user with subscriber privileges or above, to bypass authorization and access settings of the plugin's they shouldn't be allowed to. https://example.com/wp-admin/admin.php?option=comvikbooking&task=config...

b2evolution 3.3.3 Cross Site Request Forgery [CSRF]

No description provided by source. ---------------------------------------------------------------------------- : Exploit Title: b2evolution 3.3.3 Cross site request forgery : : Date: 05/07/2010 & 23/07/1431 H : : Author: saudi0hacker : : Software Link: http://b2evolution.net/downloads/index.html...

b2evolution 3.3.3 Cross Site Request Forgery

---------------------------------------------------------------------------- : Exploit Title: b2evolution 3.3.3 Cross site request forgery : : Date: 05/07/2010 & 23/07/1431 H : : Author: saudi0hacker : : Software Link: http://b2evolution.net/downloads/index.html : : Version: 3.3.3 : : Tested on:...