what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 3,180

CSRF Files

Selea Targa IP OCR-ANPR Camera Cross Site Request Forgery

Posted Jan 22, 2021

Authored by LiquidWorm | Site zeroscience.mk

Selea Targa IP OCR-ANPR Camera suffers from a cross site request forgery vulnerability that allows for adding an administrator. Multiple versions and firmwares are affected.

tags | exploit, csrf

MD5 | be38ae0d2e3c159a66288558c320fb05

Download | Favorite | View

Anchor CMS 0.12.7 Cross Site Request Forgery

Posted Jan 21, 2021

Authored by Ninad Mishra

Anchor CMS version 0.12.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-23342

MD5 | 531e88f62d5b3b0859e9fbe1287e363c

Download | Favorite | View

Online Hotel Reservation System 1.0 Cross Site Request Forgery

Posted Jan 15, 2021

Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | fb9e7a0cd6253ffe05b2cf9641cb64f7

Download | Favorite | View

PHP-Fusion 9.03.90 Cross Site Request Forgery

Posted Jan 15, 2021

Authored by Mohamed Oosman B S

PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf

MD5 | a76b7516f7ee7034ed0e11633425eb87

Download | Favorite | View

Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection

Posted Jan 13, 2021

Authored by T. Weber | Site sec-consult.com

Pepperl+Fuchs IO-Link Master Series with system version 1.36 and application version 1.5.28 suffers from command injection, cross site request forgery, cross site scripting, denial of service, and null pointer vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, csrf

advisories | CVE-2020-12511, CVE-2020-12512, CVE-2020-12513, CVE-2020-12514

MD5 | aa2d5c40642dad8f8d6fe9a2f9666788

Download | Favorite | View

OpenCart 3.0.36 Cross Site Request Forgery

Posted Jan 11, 2021

Authored by Mahendra Purbia

OpenCart version 3.0.36 account takeover cross site request forgery exploit.

tags | exploit, csrf

MD5 | 4799d11fbee89c9aa753825d8fac8753

Download | Favorite | View

Advanced Webhost Billing System 3.7.0 Cross Site Request Forgery

Posted Jan 6, 2021

Authored by Rahul Ramakant Singh

Advanced Webhost Billing System version 3.7.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 322e1cc37285fbfcaf5ed1c2abb3cf49

Download | Favorite | View

Trend Micro IWSVA CSRF / XSS / Bypass / SSRF / Code Execution

Posted Dec 17, 2020

Authored by Wolfgang Ettlinger | Site sec-consult.com

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) versions below 6.5 SP2 EN Patch 4 Build 1919 suffers from bypass, command execution, cross site request forgery, cross site scripting, and server-side request forgery vulnerabilities.

tags | exploit, web, vulnerability, xss, csrf

advisories | CVE-2020-8461, CVE-2020-8462, CVE-2020-8463, CVE-2020-8464, CVE-2020-8465, CVE-2020-8466

MD5 | 0011367f30c2126b8da594f31400e629

Download | Favorite | View

Rukovoditel 2.6.1 Cross Site Request Forgery

Posted Dec 14, 2020

Authored by KeopssGroup0day Inc

Rukovoditel version 2.6.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 4b64683a6cbbdaf080d796bd5839739e

Download | Favorite | View

OpenAsset Digital Asset Management Cross Site Request Forgery

Posted Dec 11, 2020

Authored by Jack Misiura

OpenAsset Digital Asset Management suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-28858

MD5 | 4ef799a57a5bebf1c7686ee9e8bb591b

Download | Favorite | View

OpenCart 3.0.3.6 Cross Site Request Forgery

Posted Dec 10, 2020

Authored by Mahendra Purbia

OpenCart version 3.0.3.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 653b511525bcf3f512b9490ff9ce885f

Download | Favorite | View

EgavilanMedia User Registration And Login System With Admin Panel 1.0 CSRF

Posted Dec 2, 2020

Authored by Hardik Solanki

EgavilanMedia User Registration and Login System with Admin Panel version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 2f6b32d07f651352b576dd97c5209593

Download | Favorite | View

TypeSetter 5.1 Cross Site Request Forgery

Posted Dec 1, 2020

Authored by Alperen Ergel

TypeSetter version 5.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | b67e8396e549f39a1f6d2f1fe8eb968a

Download | Favorite | View

ZTE MF253V 1.0.0B04 XSS / CSRF / Hardcoded Password

Posted Nov 24, 2020

Authored by T. Weber, S. Robertz | Site sec-consult.com

ZTE WLAN router MF253V version 1.0.0B04 suffers from cross site request forgery, hardcoded password, outdated component, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf

MD5 | b293a0edbfa49250febb13cbf573bd9b

Download | Favorite | View

Customer Support System 1.0 Cross Site Request Forgery

Posted Nov 11, 2020

Authored by Ahmed Abbas

Customer Support System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 7cb61348999bd582e9317e96cda8d769

Download | Favorite | View

Genexis Platinum-4410 P4410-V2-1.28 Missing Access Control / CSRF

Posted Nov 9, 2020

Authored by Jinson Varghese Behanan

Genexis Platinum-4410 version P4410-V2-1.28 suffers from missing access control and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, csrf

advisories | CVE-2020-25015

MD5 | 19dd7cfa841cbf52a780424e364979a9

Download | Favorite | View

Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure

Posted Nov 5, 2020

Authored by Wolfgang Ettlinger, T. Serafin | Site sec-consult.com

Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.

tags | exploit, vulnerability, csrf

advisories | CVE-2020-27016, CVE-2020-27017, CVE-2020-27018, CVE-2020-27019, CVE-2020-27693, CVE-2020-27694

MD5 | dfa15ee9d60763987a67c4ef7525645a

Download | Favorite | View

Red Hat Security Advisory 2020-4743-01

Posted Nov 4, 2020

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4743-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include buffer overflow, bypass, cross site request forgery, denial of service, heap overflow, information leakage, and out of bounds read vulnerabilities.

tags | advisory, web, denial of service, overflow, vulnerability, csrf

systems | linux, redhat

advisories | CVE-2019-12520, CVE-2019-12521, CVE-2019-12523, CVE-2019-12524, CVE-2019-12526, CVE-2019-12528, CVE-2019-12529, CVE-2019-12854, CVE-2019-18676, CVE-2019-18677, CVE-2019-18678, CVE-2019-18679, CVE-2019-18860, CVE-2020-14058, CVE-2020-15049, CVE-2020-24606, CVE-2020-8449, CVE-2020-8450

MD5 | 9d6e01336e2e2755764b1fc2058759d5

Download | Favorite | View

Genexis Platinum-4410 P4410-V2-1.28 Cross Site Request Forgery

Posted Oct 29, 2020

Authored by Mohammed Farhan

Genexis Platinum-4410 version P4410-V2-1.28 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 146fa3e7e680262eec3c8a7849e57ef6

Download | Favorite | View

WordPress SuperStoreFinder 6.1 CSRF / Shell Upload

Posted Oct 20, 2020

Authored by Joe Iz

WordPress SuperStoreFinder plugin version 6.1 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf

MD5 | d65d9b7ecb896e5b99b319e01822cb42

Download | Favorite | View

Textpattern CMS 4.6.2 Cross Site Request Forgery

Posted Oct 20, 2020

Authored by Alperen Ergel

Textpattern CMS version 4.6.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | b753353b69cc27b5e38d093ff1af5070

Download | Favorite | View

Garfield Petshop 2020-10-01 Cross Site Request Forgery

Posted Oct 9, 2020

Authored by Ramdan Yantu

Garfield Petshop versions through 2020-10-01 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-26522

MD5 | 4dd5cb174256b2a2948831c7b09734c3

Download | Favorite | View

Liman 0.7 Cross Site Request Forgery

Posted Oct 7, 2020

Authored by George Tsimpidas

Liman version 0.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | ae4e8264074f4eb543f72f74611a05fd

Download | Favorite | View

RocketLinx Series Authentication Bypass / CSRF / Command Injection

Posted Oct 5, 2020

Authored by T. Weber | Site sec-consult.com

RocketLinx Series suffers from unauthenticated device administration, backdoor account, cross site request forgery, command injection, and unauthenticated tftp action vulnerabilities. Multiple versions are affected.

tags | advisory, vulnerability, csrf

advisories | CVE-2020-12500, CVE-2020-12501, CVE-2020-12502, CVE-2020-12503, CVE-2020-12504

MD5 | 9664ca8388506a40ebc5918326533f75

Download | Favorite | View

SpinetiX Fusion Digital Signage 3.4.8 Cross Site Request Forgery

Posted Oct 1, 2020

Authored by LiquidWorm | Site zeroscience.mk

SpinetiX Fusion Digital Signage version 3.4.8 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | b11d34cdcd9290c7637a7fddb59c490c

Download | Favorite | View