Lucene search
K

12 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.12 views

XCloner Standalone 3.5 - CSRF Vulnerability

No description provided by source...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.57 views

Сross-Site Request Forgery (CSRF) in XCloner Standalone

Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...

7.6CVSS0.2AI score0.0621EPSS
Exploits6
NVD
NVD
added 2014/04/25 8:55 p.m.22 views

CVE-2014-2996

XCloner Standalone 3.5 and earlier, when enabledbbackup and sqlmem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackupcomp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses...

7.1CVSS7.2AI score0.10193EPSS
Exploits1References3
NVD
NVD
added 2014/04/25 8:55 p.m.25 views

CVE-2014-2579

Multiple cross-site request forgery CSRF vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 change the administrator password via the config task to index2.php or 2 when the enabledbbackup and sqlmem...

7.6CVSS7.7AI score0.0621EPSS
Exploits6References4
Prion
Prion
added 2014/04/25 8:55 p.m.20 views

Code injection

XCloner Standalone 3.5 and earlier, when enabledbbackup and sqlmem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackupcomp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses...

7.1CVSS7.5AI score0.10193EPSS
Exploits7References3Affected Software1
Cvelist
Cvelist
added 2014/04/25 8:0 p.m.37 views

CVE-2014-2579

Multiple cross-site request forgery CSRF vulnerabilities in XCloner Standalone 3.5 and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 change the administrator password via the config task to index2.php or 2 when the enabledbbackup and sqlmem...

7.7AI score0.0621EPSS
Exploits6References4
Cvelist
Cvelist
added 2014/04/25 8:0 p.m.24 views

CVE-2014-2996

XCloner Standalone 3.5 and earlier, when enabledbbackup and sqlmem are enabled, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in the dbbackupcomp parameter in a generate action to index2.php. NOTE: it is not clear whether this issue crosses...

7.2AI score0.10193EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/04/17 12:0 a.m.25 views

XCloner Standalone跨站请求伪造漏洞

Bugtraq ID:65751 CVE ID:CVE-2014-2579 XCloner Standalone是一个备份和恢复应用。 XCloner Standalone存在跨站请求伪造漏洞,允许远程攻击者构建恶意URI,诱使用户解析,可以目标用户上下文执行恶意操作。 0 XCloner Standalone 3.5 目前没有详细解决方案: http://www.xcloner.com/...

7.6CVSS0.2AI score0.0621EPSS
Exploits6
Exploit DB
Exploit DB
added 2014/04/10 12:0 a.m.72 views

XCloner Standalone 3.5 - Cross-Site Request Forgery

Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...

7.6CVSS7AI score0.0621EPSS
Exploits6
0day.today
0day.today
added 2014/04/10 12:0 a.m.57 views

XCloner Standalone 3.5 Cross Site Request Forgery Vulnerability

XCloner Standalone version 3.5 suffers from a cross site request forgery vulnerability. Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014...

7.6CVSS6.2AI score0.0621EPSS
Exploits6
Packet Storm
Packet Storm
added 2014/04/09 12:0 a.m.60 views

XCloner Standalone 3.5 Cross Site Request Forgery

Advisory ID: HTB23207 Product: XCloner Standalone Vendor: XCloner Vulnerable Versions: 3.5 and probably prior Tested Version: 3.5 Advisory Publication: March 14, 2014 without technical details Vendor Notification: March 14, 2014 Public Disclosure: April 9, 2014 Vulnerability Type: Cross-Site...

7.6CVSS0.1AI score0.0621EPSS
Exploits6
htbridge
htbridge
added 2014/03/14 12:0 a.m.37 views

Сross-Site Request Forgery (CSRF) in XCloner Standalone

High-Tech Bridge Security Research Lab discovered vulnerability in XCloner Standalone, which can be exploited to perform Сross-Site Request Forgery CSRF attacks and gain complete control over the website. 1. Сross-Site Request Forgery CSRF in XCloner Standalone: CVE-2014-2579 1.1 The vulnerabilit...

7.6CVSS1AI score0.0621EPSS
Exploits6Affected Software1
Rows per page
Query Builder