Twenty Year Anniversary

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 2,922

CSRF Files

Traq 3.7.1 CSRF / XSS / SQL Injection

Posted Oct 22, 2018

Authored by Matt Landers

Traq version 3.7.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf

MD5 | 0aef457c83d6fd108fe4b17521b80e1b

Download | Favorite | Comments (0)

PHP-SHOP Master 1.0 Cross Site Request Forgery

Posted Oct 18, 2018

Authored by Alireza Norkazemi

PHP-SHOP Master version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf

MD5 | 8a78b5651bd99ac517bc63e491f64913

Download | Favorite | Comments (0)

Zenar Content Management System 8.3 Cross Site Request Forgery

Posted Oct 18, 2018

Authored by Ismail Tasdelen

Zenar Content Management System version 8.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2018-18420

MD5 | 1ca21d4ea7dad9557ab0feb02503c410

Download | Favorite | Comments (0)

Time And Expense Management System 3.0 Cross Site Request Forgery

Posted Oct 17, 2018

Authored by Ihsan Sencan

Time and Expense Management System version 3.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | eebaa3465a55d9a1e3d5e622d97ef868

Download | Favorite | Comments (0)

Academic Timetable Final Build 7.0b Cross Site Request Forgery

Posted Oct 15, 2018

Authored by Ihsan Sencan

Academic Timetable Final Build version 7.0b suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 3bf3f0f7ba764ba675f8a6057c93e485

Download | Favorite | Comments (0)

HaPe PKH 1.1 Cross Site Request Forgery

Posted Oct 12, 2018

Authored by Ihsan Sencan

HaPe PKH version 1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 941b48bb34eb8d4b7ee110a37bffea54

Download | Favorite | Comments (0)

Cockpit CMS CSRF / XSS / Path Traversal

Posted Oct 12, 2018

Authored by Simon Uvarov

Cockpit CMS suffers from cross site request forgery, cross site scripting, and traversal vulnerabilities. Version 0.6.2 should address these issues.

tags | exploit, vulnerability, xss, file inclusion, csrf

advisories | CVE-2018-15538, CVE-2018-15539, CVE-2018-15540

MD5 | 7d2a860626777079a63681bdf22080cc

Download | Favorite | Comments (0)

NPLUG Wireless Repeater 1.0.0.14 CSRF / XSS / Authentication Bypass

Posted Oct 9, 2018

Authored by Patrick Costa

NPLUG Wireless Repeater version 1.0.0.14 suffers from authentication bypass, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, bypass, csrf

advisories | CVE-2018-12455, CVE-2018-12456, CVE-2018-17337

MD5 | 7f73899dfe3e36b811002665eba81f83

Download | Favorite | Comments (0)

Netis ADSL Router DL4322D RTK 2.1.1 Cross Site Request Forgery

Posted Oct 5, 2018

Authored by Cakes

Netis ADSL Router DL4322D RTK 2.1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 610b8e0979a26b0265d52c13cd87df5e

Download | Favorite | Comments (0)

Oracle WebCenter Interaction XSS / Insecure Redirect / CSRF / DoS

Posted Sep 17, 2018

Authored by Ben N

Oracle WebCenter Interaction version 10.3.3 suffers from cross site request forgery, cross site scripting, denial of service, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, xss, csrf

advisories | CVE-2018-16952, CVE-2018-16953, CVE-2018-16954, CVE-2018-16955, CVE-2018-16956, CVE-2018-16957, CVE-2018-16958, CVE-2018-16959

MD5 | ad870b83464d9a944075001fc18b75fb

Download | Favorite | Comments (0)

osCommerce 2.3.4.1 Cross Site Request Forgery

Posted Sep 5, 2018

Authored by Hesam Bazvand

osCommerce version 2.3.4.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 5ba0559ccd442984dcf1d43dc23a2084

Download | Favorite | Comments (0)

Admidio 3.3.5 Cross Site Request Forgery

Posted Sep 3, 2018

Authored by Nawaf Alkeraithe

Admidio version 3.3.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 7069f4402658689f08a1aa2a92fdda83

Download | Favorite | Comments (0)

DamiCMS 6.0.0 Cross Site Request Forgery

Posted Aug 31, 2018

Authored by Autism_JH

DamiCMS version 6.0.0 change administrative password cross site request forgery proof of concept exploit.

tags | exploit, proof of concept, csrf

advisories | CVE-2018-15844

MD5 | 6b671483456e26e8a611bc5309ec9bdf

Download | Favorite | Comments (0)

phpMyAdmin 4.7.x Cross Site Request Forgery

Posted Aug 31, 2018

Authored by VulnSpy

phpMyAdmin version 4.7.x suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2017-1000499

MD5 | bec670ecb667bf06900e5ba0197ad046

Download | Favorite | Comments (0)

Vox TG790 ADSL Router Cross Site Request Forgery

Posted Aug 27, 2018

Authored by Cakes

The Vox TG790 ADSL router suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | f1ddebc2283a2129859fcbe0f67c5378

Download | Favorite | Comments (0)

Gleez CMS 1.2.0 Cross Site Request Forgery

Posted Aug 27, 2018

Authored by GunEggWang

Gleez CMS version 1.2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2018-15845

MD5 | 2f0089c7d34c574bc74a84ef72ec3fdb

Download | Favorite | Comments (0)

RICOH MP C4504ex Cross Site Request Forgery

Posted Aug 27, 2018

Authored by Ismail Tasdelen

The RICOH MP C4504ex printer suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2018-15884

MD5 | ca52e9e6a9ab961e378e5f8674df1140

Download | Favorite | Comments (0)

OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference

Posted Aug 23, 2018

Authored by Brian D. Hysell

OSCAR EMR version 15.21beta361 suffers from remote code execution, cross site request forgery, cross site scripting, denial of service, deserialization, remote SQL injection, and path traversal vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, code execution, xss, sql injection, csrf

advisories | CVE-2014-0114

MD5 | 6823c6acccafa60cd8d4e4359d2ae81f

Download | Favorite | Comments (0)

MyBB Moderator Log Notes 1.1 Cross Site Request Forgery

Posted Aug 20, 2018

Authored by 0xB9

MyBB Moderator Log Notes plugin version 1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 3920b88068a9b23761c3e7669cd0e836

Download | Favorite | Comments (0)

Silver Peak EdgeConnect 8.1.4.9_65644 XSS / DoS / Disclosure / Traversal

Posted Aug 17, 2018

Authored by Denis Kolegov, Antony Nikolaev, Nikita Oleksov, Nikolay Tkachenko, Maxim Gorbunov, Sergey Gordeychick, Oleg Broslavsky

Silver Peak EdgeConnect version 8.1.4.9_65644 suffers from brute force, information leakage, cross site request forgery, cross site scripting, denial of service, default SNMP community string, and path traversal vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, csrf

MD5 | e4ddd8331675dc38b057e9a9e7378699

Download | Favorite | Comments (0)

Pimcore 5.2.3 CSRF / Cross Site Scripting / SQL Injection

Posted Aug 16, 2018

Authored by T. Silpavarangkura, N. Rai-Ngoen | Site sec-consult.com

Pimcore versions 5.2.3 and below suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf

advisories | CVE-2018-14057, CVE-2018-14058, CVE-2018-14059

MD5 | d808a938be664e7caf308aa18e9de8b5

Download | Favorite | Comments (0)

TP-Link C50 Wireless Router 3 Information Disclosure Cross Site Request Forgery

Posted Aug 9, 2018

Authored by Wadeek

TP-Link C50 Wireless Router 3 suffers from cross site request forgery vulnerability that allows for information disclosure.

tags | exploit, info disclosure, csrf

MD5 | ff0ed20f48b3b4ba6ce38af963e655b6

Download | Favorite | Comments (0)

TP-Link C50 Wireless Router 3 Remote Reboot Cross Site Request Forgery

Posted Aug 9, 2018

Authored by Wadeek

TP-Link C50 Wireless Router 3 suffers from a remote reboot cross site request forgery vulnerability.

tags | exploit, remote, csrf

MD5 | bc1a34f00e92454947e94995d37fc1ab

Download | Favorite | Comments (0)

Red Hat Security Advisory 2018-2371-01

Posted Aug 9, 2018

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2371-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. The RHOAR Eclipse Vert.x 3.5.3 release serves as a replacement for RHOAR Eclipse Vert.x 3.5.1, and includes bug fixes and enhancements. For a detailed list of issues resolved in the community Eclipse Vert.x 3.5.3 release, see the release notes in the References section. Issues addressed include a cross site request forgery vulnerability.

tags | advisory, csrf

systems | linux, redhat

advisories | CVE-2018-12537, CVE-2018-12540

MD5 | b8487556ce68340285c45975f2039430

Download | Favorite | Comments (0)

Debian Security Advisory 4262-1

Posted Aug 6, 2018

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4262-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to open redirects, cross-site request forgery, information disclosure, session fixation or denial of service.

tags | advisory, denial of service, php, vulnerability, info disclosure, csrf

systems | linux, debian

advisories | CVE-2016-2403, CVE-2017-1665, CVE-2017-16653, CVE-2017-16654, CVE-2017-16790, CVE-2018-11385, CVE-2018-11386, CVE-2018-11406

MD5 | 9d90561cb123024abe81fc4647a6aff3

Download | Favorite | Comments (0)