Lucene search
K

7 matches found

Prion
Prion
added 2014/11/28 3:59 p.m.14 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page...

6.8CVSS7.4AI score0.02242EPSS
Exploits5References2Affected Software1
Cvelist
Cvelist
added 2014/11/28 3:0 p.m.24 views

CVE-2014-8429

Cross-site request forgery CSRF vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page...

6.9AI score0.02242EPSS
Exploits5References2
CVE
CVE
added 2014/11/28 3:0 p.m.51 views

CVE-2014-8429

CVE-2014-8429 describes a Cross-Site Request Forgery (CSRF) in xEpan CMS (versions 1.0.1 and earlier; affected 1.0.4.1, 1.0.4) where an attacker can hijack administrator sessions by convincing a logged-in admin to perform an action that creates a new administrative account via a crafted request t...

6.8CVSS7.1AI score0.02242EPSS
Exploits5References2Affected Software1
exploitpack
exploitpack
added 2014/11/26 12:0 a.m.40 views

xEpan 1.0.1 - Cross-Site Request Forgery

xEpan 1.0.1 - Cross-Site Request Forgery Advisory ID: HTB23240 Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 2014 Public...

6.8CVSS0.5AI score0.02242EPSS
Exploits5
Packet Storm
Packet Storm
added 2014/11/26 12:0 a.m.49 views

xEpan 1.0.1 Cross Site Request Forgery

Advisory ID: HTB23240 Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 2014 Public Disclosure: November 26, 2014 Vulnerability...

6.8CVSS0.5AI score0.02242EPSS
Exploits5
0day.today
0day.today
added 2014/11/26 12:0 a.m.49 views

xEpan 1.0.1 Cross Site Request Forgery Vulnerability

xEpan version 1.0.1 suffers from a cross site request forgery vulnerability. Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 201...

7AI score0.02242EPSS
Exploits5
Exploit DB
Exploit DB
added 2014/11/26 12:0 a.m.50 views

xEpan 1.0.1 - Cross-Site Request Forgery

Advisory ID: HTB23240 Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 2014 Public Disclosure: November 26, 2014 Vulnerability...

6.8CVSS6.5AI score0.02242EPSS
Exploits5
Rows per page
Query Builder