what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 3,168

CSRF Files

TypeSetter 5.1 Cross Site Request Forgery

Posted Dec 1, 2020

Authored by Alperen Ergel

TypeSetter version 5.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | b67e8396e549f39a1f6d2f1fe8eb968a

Download | Favorite | View

ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password

Posted Nov 24, 2020

Authored by T. Weber, S. Robertz | Site sec-consult.com

ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf

MD5 | b293a0edbfa49250febb13cbf573bd9b

Download | Favorite | View

Customer Support System 1.0 Cross Site Request Forgery

Posted Nov 11, 2020

Authored by Ahmed Abbas

Customer Support System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 7cb61348999bd582e9317e96cda8d769

Download | Favorite | View

Genexis Platinum-4410 P4410-V2-1.28 Missing Access Control / CSRF

Posted Nov 9, 2020

Authored by Jinson Varghese Behanan

Genexis Platinum-4410 version P4410-V2-1.28 suffers from missing access control and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, csrf

advisories | CVE-2020-25015

MD5 | 19dd7cfa841cbf52a780424e364979a9

Download | Favorite | View

Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure

Posted Nov 5, 2020

Authored by Wolfgang Ettlinger, T. Serafin | Site sec-consult.com

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.

tags | exploit, vulnerability, csrf

advisories | CVE-2020-27016, CVE-2020-27017, CVE-2020-27018, CVE-2020-27019, CVE-2020-27693, CVE-2020-27694

MD5 | dfa15ee9d60763987a67c4ef7525645a

Download | Favorite | View

Red Hat Security Advisory 2020-4743-01

Posted Nov 4, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4743-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow, bypass, cross site request forgery, denial of service, heap overflow, information leakage, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability, csrf

systems | linux, redhat

advisories | CVE-2019-12520, CVE-2019-12521, CVE-2019-12523, CVE-2019-12524, CVE-2019-12526, CVE-2019-12528, CVE-2019-12529, CVE-2019-12854, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860, CVE-2020-14058, CVE-2020-15049, CVE-2020-24606, CVE-2020-8449, CVE-2020-8450

MD5 | 9d6e01336e2e2755764b1fc2058759d5

Download | Favorite | View

Genexis Platinum-4410 P4410-V2-1.28 Cross Site Request Forgery

Posted Oct 29, 2020

Authored by Mohammed Farhan

Genexis Platinum-4410 version P4410-V2-1.28 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 146fa3e7e680262eec3c8a7849e57ef6

Download | Favorite | View

WordPress SuperStoreFinder 6.1 CSRF / Shell Upload

Posted Oct 20, 2020

Authored by Joe Iz

WordPress SuperStoreFinder plugin version 6.1 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf

MD5 | d65d9b7ecb896e5b99b319e01822cb42

Download | Favorite | View

Textpattern CMS 4.6.2 Cross Site Request Forgery

Posted Oct 20, 2020

Authored by Alperen Ergel

Textpattern CMS version 4.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | b753353b69cc27b5e38d093ff1af5070

Download | Favorite | View

Garfield Petshop 2020-10-01 Cross Site Request Forgery

Posted Oct 9, 2020

Authored by Ramdan Yantu

Garfield Petshop versions through 2020-10-01 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-26522

MD5 | 4dd5cb174256b2a2948831c7b09734c3

Download | Favorite | View

Liman 0.7 Cross Site Request Forgery

Posted Oct 7, 2020

Authored by George Tsimpidas

Liman version 0.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | ae4e8264074f4eb543f72f74611a05fd

Download | Favorite | View

RocketLinx Series Authentication Bypass / CSRF / Command Injection

Posted Oct 5, 2020

Authored by T. Weber | Site sec-consult.com

RocketLinx Series suffers from unauthenticated device administration, backdoor account, cross site request forgery, command injection, and unauthenticated tftp action vulnerabilities. Multiple versions are affected.

tags | advisory, vulnerability, csrf

advisories | CVE-2020-12500, CVE-2020-12501, CVE-2020-12502, CVE-2020-12503, CVE-2020-12504

MD5 | 9664ca8388506a40ebc5918326533f75

Download | Favorite | View

SpinetiX Fusion Digital Signage 3.4.8 Cross Site Request Forgery

Posted Oct 1, 2020

Authored by LiquidWorm | Site zeroscience.mk

SpinetiX Fusion Digital Signage version 3.4.8 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | b11d34cdcd9290c7637a7fddb59c490c

Download | Favorite | View

MonoCMS Blog 1.0 File Deletion / CSRF / Hardcoded Credentials

Posted Oct 1, 2020

Authored by Shahrukh Iqbal Mirza

MonoCMS Blog version 1.0 suffers from arbitrary file deletion, cross site request forgery, and information disclosure vulnerabilities.

tags | exploit, arbitrary, vulnerability, file inclusion, info disclosure, csrf

advisories | CVE-2020-25986, CVE-2020-25987

MD5 | 858c4bad79460948ebff42b9ed1fd0cd

Download | Favorite | View

Red Hat Security Advisory 2020-4134-01

Posted Sep 30, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4134-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a cross site request forgery vulnerability.

tags | advisory, web, ruby, csrf

systems | linux, redhat

advisories | CVE-2020-14369

MD5 | 7b592d1c8a00ce955618e86db98f6569

Download | Favorite | View

BlackCat CMS 1.3.6 Cross Site Request Forgery

Posted Sep 21, 2020

Authored by Noth

BlackCat CMS version 1.3.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-25453

MD5 | 0d40c200edac875394952e0642ee20ab

Download | Favorite | View

RAD SecFlow-1v SF_0290_2.3.01.26 Cross Site Request Forgery

Posted Sep 14, 2020

Authored by Uriel Yochpaz, Jonatan Schor

RAD SecFlow-1v version SF_0290_2.3.01.26 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 726c088a7cfd8991d27d84005f12a9d7

Download | Favorite | View

Scopia XT Desktop 8.3.915.4 Cross Site Request Forgery

Posted Sep 9, 2020

Authored by V1n1v131r4

Scopia XT Desktop version 8.3.915.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 2f67835c85249d7446fe17222121f0a8

Download | Favorite | View

Red Lion N-Tron 702-W / 702M12-W 2.0.26 XSS / CSRF / Shell

Posted Sep 3, 2020

Authored by T. Weber | Site sec-consult.com

Red Lion N-Tron 702-W and 702M12-W versions 2.0.26 and below suffer from cross site request forgery, hidden shell interface, cross site scripting and busybox vulnerabilities.

tags | exploit, shell, vulnerability, xss, csrf

advisories | CVE-2020-16204, CVE-2020-16206, CVE-2020-16208, CVE-2020-16210

MD5 | 0d2c4894db250550f69bf99d4b85cdbd

Download | Favorite | View

Hyland OnBase Cross Site Request Forgery

Posted Sep 3, 2020

Authored by Adaptive Security Consulting

All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf

MD5 | 438f9884278e093d5c5792f91e1e717e

Download | Favorite | View

GetSimple CMS Multi User 1.8.2 Cross Site Request Forgery

Posted Aug 13, 2020

Authored by Bobby Cooke, hyd3sec

GetSimple CMS Multi User plugin version 1.8.2 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf

MD5 | b7868197fa770b7cffbd822964b7f528

Download | Favorite | View

Warehouse Inventory System 1.0 Cross Site Request Forgery

Posted Aug 10, 2020

Authored by Bobby Cooke, hyd3sec

Warehouse Inventory System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 01290f1430fc0c874d2441c5bbeb39f0

Download | Favorite | View

Online Shopping Alphaware 1.0 Cross Site Request Forgery

Posted Aug 6, 2020

Authored by Edo Maland

Online Shopping Alphaware version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 0e473b277cc5006c19c5c1b0cd4d436f

Download | Favorite | View

Daily Expenses Management System 1.0 Cross SIte Request Forgery

Posted Aug 6, 2020

Authored by Edo Maland

Daily Expenses Management System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 0db14f4bbeaa206a86465fe712c6ac28

Download | Favorite | View

Stock Management System 1.0 Cross Site Request Forgery

Posted Aug 3, 2020

Authored by Bobby Cooke

Stock Management System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 3c5b73ade86e8add863d011533c5b13b

Download | Favorite | View