7 matches found
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page...
CVE-2014-8429
Cross-site request forgery CSRF vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to the owner/users page...
CVE-2014-8429
CVE-2014-8429 describes a Cross-Site Request Forgery (CSRF) in xEpan CMS (versions 1.0.1 and earlier; affected 1.0.4.1, 1.0.4) where an attacker can hijack administrator sessions by convincing a logged-in admin to perform an action that creates a new administrative account via a crafted request t...
xEpan 1.0.1 - Cross-Site Request Forgery
xEpan 1.0.1 - Cross-Site Request Forgery Advisory ID: HTB23240 Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 2014 Public...
xEpan 1.0.1 Cross Site Request Forgery
Advisory ID: HTB23240 Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 2014 Public Disclosure: November 26, 2014 Vulnerability...
xEpan 1.0.1 Cross Site Request Forgery Vulnerability
xEpan version 1.0.1 suffers from a cross site request forgery vulnerability. Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 201...
xEpan 1.0.1 - Cross-Site Request Forgery
Advisory ID: HTB23240 Product: xEpan Vendor: Xavoc Technocrats Pvt. Ltd. Vulnerable Versions: 1.0.1 and probably prior Tested Version: 1.0.1 Advisory Publication: October 22, 2014 without technical details Vendor Notification: October 22, 2014 Public Disclosure: November 26, 2014 Vulnerability...