what you don't know can hurt you
Showing 1 - 25 of 3,189 RSS Feed

CSRF Files

Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation
Posted Feb 24, 2021
Authored by Source Incite | Site github.com

Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate privileges to an administrative account.

tags | exploit, csrf
advisories | CVE-2021-24085
MD5 | 81b28382748f4fe34c5a25dbf5cda8e9
Apache MyFaces 2.x Cross Site Request Forgery
Posted Feb 20, 2021
Authored by Wolfgang Ettlinger

Apache MyFaces versions 2.2.13 and below, 2.3.7 and below, 2.3-next-M4 and below, and 2.1 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2021-26296
MD5 | a8e80747410cdf24bd08eed09d1cb041
Backdoor.Win32.Agent.aak Code Execution / Cross Site Request Forgery
Posted Feb 18, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.aak malware suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf
systems | windows
MD5 | 3709fd6065b0c25e41efd07763d6e07d
Unibox 2.4 CSRF / Remote Code Execution
Posted Feb 8, 2021
Authored by Kaustubh G. Padwad

Unibox version 2.4 suffers from remote code execution and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, code execution, csrf
MD5 | 0d9c1908b02b93829d56268f4e5a5330
Unibox Cross Site Request Forgery
Posted Feb 8, 2021
Authored by Kaustubh G. Padwad

Various Unibox products suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f4a13dbef7fa744bc2d7fb564747eaea
Pixelimity 1.0 Cross Site Request Forgery
Posted Feb 3, 2021
Authored by Noth

Pixelimity version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-23522
MD5 | 9703bfe3f4d733d4fa66e4bc6ad6e779
bloofoxCMS 0.5.2.1 Cross Site Request Forgery
Posted Feb 1, 2021
Authored by LiPeiYi

bloofoxCMS version 0.5.2.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 01f0ae89aa79bdcb7db265f8a62f6725
STVS ProVision 5.9.10 Cross Site Request Forgery
Posted Jan 27, 2021
Authored by LiquidWorm | Site zeroscience.mk

STVS ProVision version 5.9.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 9d1413e4356b04442edd4cf4047a66f3
MyBB Timeline 1.0 Cross Site Request Forgery / Cross Site Scripting
Posted Jan 23, 2021
Authored by 0xB9

MyBB Timeline plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 07af945c1ca865c50d8bff5444d26630
Selea Targa IP OCR-ANPR Camera Cross Site Request Forgery
Posted Jan 22, 2021
Authored by LiquidWorm | Site zeroscience.mk

Selea Targa IP OCR-ANPR Camera suffers from a cross site request forgery vulnerability that allows for adding an administrator. Multiple versions and firmwares are affected.

tags | exploit, csrf
MD5 | be38ae0d2e3c159a66288558c320fb05
Anchor CMS 0.12.7 Cross Site Request Forgery
Posted Jan 21, 2021
Authored by Ninad Mishra

Anchor CMS version 0.12.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-23342
MD5 | 531e88f62d5b3b0859e9fbe1287e363c
Online Hotel Reservation System 1.0 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | fb9e7a0cd6253ffe05b2cf9641cb64f7
PHP-Fusion 9.03.90 Cross Site Request Forgery
Posted Jan 15, 2021
Authored by Mohamed Oosman B S

PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
MD5 | a76b7516f7ee7034ed0e11633425eb87
Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection
Posted Jan 13, 2021
Authored by T. Weber | Site sec-consult.com

Pepperl+Fuchs IO-Link Master Series with system version 1.36 and application version 1.5.28 suffers from command injection, cross site request forgery, cross site scripting, denial of service, and null pointer vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, csrf
advisories | CVE-2020-12511, CVE-2020-12512, CVE-2020-12513, CVE-2020-12514
MD5 | aa2d5c40642dad8f8d6fe9a2f9666788
OpenCart 3.0.36 Cross Site Request Forgery
Posted Jan 11, 2021
Authored by Mahendra Purbia

OpenCart version 3.0.36 account takeover cross site request forgery exploit.

tags | exploit, csrf
MD5 | 4799d11fbee89c9aa753825d8fac8753
Advanced Webhost Billing System 3.7.0 Cross Site Request Forgery
Posted Jan 6, 2021
Authored by Rahul Ramakant Singh

Advanced Webhost Billing System version 3.7.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 322e1cc37285fbfcaf5ed1c2abb3cf49
Trend Micro IWSVA CSRF / XSS / Bypass / SSRF / Code Execution
Posted Dec 17, 2020
Authored by Wolfgang Ettlinger | Site sec-consult.com

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) versions below 6.5 SP2 EN Patch 4 Build 1919 suffers from bypass, command execution, cross site request forgery, cross site scripting, and server-side request forgery vulnerabilities.

tags | exploit, web, vulnerability, xss, csrf
advisories | CVE-2020-8461, CVE-2020-8462, CVE-2020-8463, CVE-2020-8464, CVE-2020-8465, CVE-2020-8466
MD5 | 0011367f30c2126b8da594f31400e629
Rukovoditel 2.6.1 Cross Site Request Forgery
Posted Dec 14, 2020
Authored by KeopssGroup0day Inc

Rukovoditel version 2.6.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 4b64683a6cbbdaf080d796bd5839739e
OpenAsset Digital Asset Management Cross Site Request Forgery
Posted Dec 11, 2020
Authored by Jack Misiura

OpenAsset Digital Asset Management suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-28858
MD5 | 4ef799a57a5bebf1c7686ee9e8bb591b
OpenCart 3.0.3.6 Cross Site Request Forgery
Posted Dec 10, 2020
Authored by Mahendra Purbia

OpenCart version 3.0.3.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 653b511525bcf3f512b9490ff9ce885f
EgavilanMedia User Registration And Login System With Admin Panel 1.0 CSRF
Posted Dec 2, 2020
Authored by Hardik Solanki

EgavilanMedia User Registration and Login System with Admin Panel version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 2f6b32d07f651352b576dd97c5209593
TypeSetter 5.1 Cross Site Request Forgery
Posted Dec 1, 2020
Authored by Alperen Ergel

TypeSetter version 5.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | b67e8396e549f39a1f6d2f1fe8eb968a
ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password
Posted Nov 24, 2020
Authored by T. Weber, S. Robertz | Site sec-consult.com

ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | b293a0edbfa49250febb13cbf573bd9b
Customer Support System 1.0 Cross Site Request Forgery
Posted Nov 11, 2020
Authored by Ahmed Abbas

Customer Support System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7cb61348999bd582e9317e96cda8d769
Genexis Platinum-4410 P4410-V2-1.28 Missing Access Control / CSRF
Posted Nov 9, 2020
Authored by Jinson Varghese Behanan

Genexis Platinum-4410 version P4410-V2-1.28 suffers from missing access control and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, csrf
advisories | CVE-2020-25015
MD5 | 19dd7cfa841cbf52a780424e364979a9
Page 1 of 128
Back12345Next

File Archive:

February 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    33 Files
  • 2
    Feb 2nd
    30 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    8 Files
  • 5
    Feb 5th
    11 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    1 Files
  • 8
    Feb 8th
    37 Files
  • 9
    Feb 9th
    15 Files
  • 10
    Feb 10th
    11 Files
  • 11
    Feb 11th
    26 Files
  • 12
    Feb 12th
    8 Files
  • 13
    Feb 13th
    1 Files
  • 14
    Feb 14th
    1 Files
  • 15
    Feb 15th
    9 Files
  • 16
    Feb 16th
    33 Files
  • 17
    Feb 17th
    6 Files
  • 18
    Feb 18th
    10 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    1 Files
  • 21
    Feb 21st
    1 Files
  • 22
    Feb 22nd
    17 Files
  • 23
    Feb 23rd
    15 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    28 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close