Exploit the possiblities
Showing 26 - 50 of 2,770 RSS Feed

CSRF Files

NethServer 7.3.1611 Upload.json CSRF Script Insertion
Posted Aug 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

NethServer version 7.3.1611 suffers from a cross site request forgery script insertion vulnerability in Upload.json.

tags | exploit, csrf
MD5 | a9980262ca1346b7e14b6a1188a41a1d
Matrimony 2.7 Cross Site Request Forgery
Posted Aug 28, 2017
Authored by Ali BawazeEer

Matrimony version 2.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 739ff1451258b5d5a264b09d0b92a4b1
Apache2Triad 1.5.4 CSRF / XSS / Session Fixation
Posted Aug 21, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Apache2Triad version 1.5.4 suffers from session fixation, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2017-12965, CVE-2017-12970, CVE-2017-12971
MD5 | 5f84ac13f6c4c57a37441585b0a25c8b
RealTime RWR-3G-100 Router Cross Site Request Forgery
Posted Aug 12, 2017
Authored by Touhid M.Shaikh

RealTime RWR-3G-100 router suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 120da48c843debac3d5408298c077151
Pluck CMS 4.7.4 Cross Site Request Forgery
Posted Aug 11, 2017
Authored by Und3rgr0und, Ehsan Cod3r

Pluck CMS version 4.7.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f0fe9f58ada019c0bc6f3621d00c2e1f
DALIM SOFTWARE ES Core 5.0 Build 7184.1 XSS / CSRF
Posted Aug 9, 2017
Authored by LiquidWorm | Site zeroscience.mk

DALIM SOFTWARE ES Core version 5.0 build 7184.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | f45967f142034d6fe2d841c45f04a738
WordPress YouTube Embed Plus 11.8.1 Cross Site Request Forgery
Posted Jul 26, 2017
Authored by Tom Adams

WordPress YouTube Embed Plus plugin version 11.8.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | ea7597e199209fb2c929ee36c93e054e
Dasan Networks GPON ONT WiFi Router H64X Series Cross Site Request Forgery
Posted Jul 13, 2017
Authored by LiquidWorm | Site zeroscience.mk

Dasan Networks GPON ONT WiFi Router H64X Series suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | f8789c203d45686a1478547c8f7ef85b
Schneider Electric Pelco Sarix/Spectra Cameras CSRF Enable SSH Root Access
Posted Jul 11, 2017
Authored by LiquidWorm | Site zeroscience.mk

Pelco IP cameras suffer from a cross site request forgery vulnerability. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web, csrf
MD5 | 7cab066459f46bedf6175289966aec2e
Pulse Connect Secure 8.3R1 CSRF / XSS
Posted Jul 10, 2017
Authored by sxcurity | Site insecurity.zone

Pulse Connect Secure version 8.3R1 suffer from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | f881d55ec2c771f14be93daa0a0887bf
RSA Archer GRC 6.2.0.2 CSRF / XSS / Bypass / Open Redirect
Posted Jul 1, 2017
Site emc.com

RSA Archer GRC version 6.2.0.2 suffers from bypass, cross site request forgery, information disclosure, open redirection, and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-4998, CVE-2017-4999, CVE-2017-5000, CVE-2017-5001, CVE-2017-5002
MD5 | 6cf471214abe6297b8b4c071b0aa43fd
Kaspersky Anti-Virus File Server 8.0.3.297 XSS / CSRF / Code Execution
Posted Jun 29, 2017
Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Kaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, virus, xss, info disclosure, csrf
systems | linux
advisories | CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813
MD5 | 834309bd7c681fce682800c2b27a31c0
D-Link DIR-100 Brute Force / Cross Site Request Forgery
Posted Jun 26, 2017
Authored by MustLive

D-Link DIR-100 suffers from brute force and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | b8b887922adc51bf8cd2293906751d38
WonderCMS 2.1.0 Cross Site Request Forgery
Posted Jun 20, 2017
Authored by Zerox Security Lab

WonderCMS version 2.1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 8dd441fa404a60b175fca0bd626ee043
SimpleCE 2.3.0 Cross Site Request Forgery / Cross Site Scripting
Posted Jun 15, 2017
Authored by 8bitsec

SimpleCE version 2.3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 9585ae5beaede1fd55c691c3d1c2f53e
Invision Power Board 4.1.19.2 XSS / CSRF / File Upload / Disclosure
Posted Jun 14, 2017
Authored by Project Insecurity, CDL, dkb | Site insecurity.zone

Invision Power Board version 4.1.19.2 suffers from reflective and stored cross site scripting, cross site request forgery, information disclosure, file upload, and shell access vulnerabilities.

tags | exploit, shell, vulnerability, xss, info disclosure, file upload, csrf
MD5 | a22518e9d6c3e73504202b0d32770349
Robert 0.5 CSRF / XSS / Directory Traversal / SQL Injection
Posted Jun 7, 2017
Authored by Cyril Vallicari

Robert version 0.5 suffers from cross site request forgery, cross site scripting, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion, csrf
MD5 | cfd060cdd873a90420373f8cc4f97108
Peplink 7.0.0-build1904 XSS / CSRF / SQL Injection / File Deletion
Posted Jun 5, 2017
Authored by Eric Sesterhenn, Claus Overbeck

Peplink version 7.0.0-build1904 suffers from cross site request forgery, cross site scripting, file deletion, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2017-8835, CVE-2017-8836, CVE-2017-8837, CVE-2017-8838, CVE-2017-8839, CVE-2017-8840, CVE-2017-8841
MD5 | 36d56c06b635fb1596ea43530b5b607e
Subsonic 6.1.1 Persistent XSS
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Remote attackers can abuse the "Subscribe to Podcast" feature of Subsonic 6.1.1 to store persistent XSS payloadsif an authenticated user clicks a malicious link or visits an attacker controlled webpage.

tags | exploit, remote, csrf
advisories | CVE-2017-9414
MD5 | 75781fa859d6d75c6a7786692df6ec8c
Subsonic 6.1.1 Server Side Request Forgery
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Remote attackers can abuse the Podcast feature of subsonic to launch Server Side Request Forgery attacks from the subsonic server if an authenticated user clicks a malicious link or visits an attacker controlled webpage.

tags | exploit, remote, csrf
advisories | CVE-2017-9413
MD5 | a2b09d2527ad59b05aab04f9625f9618
Subsonic 6.1.1 Password Reset Cross Site Request Forgery
Posted Jun 3, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Subsonic media streaming server can allow a remote attacker to reset account passwords if usernames are known and victims click a malicious link.

tags | exploit, remote, csrf
MD5 | c0b7a9d078f87d27a0bd9759794033d1
Debian Security Advisory 3870-1
Posted Jun 1, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3870-1 - Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks.

tags | advisory, remote, web, vulnerability, xss, csrf
systems | linux, debian
advisories | CVE-2017-8295, CVE-2017-9061, CVE-2017-9062, CVE-2017-9063, CVE-2017-9064, CVE-2017-9065
MD5 | 34393add3f849a2fcd80e1d68c82c1e4
Trend Micro ServerProtect Disclosure / CSRF / XSS
Posted May 24, 2017
Authored by Alberto Solino, Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com

Trend Micro ServerProtect suffers from information disclosure, manipulation, cross site request forgery, cross site scripting, and various other vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-9032, CVE-2017-9033, CVE-2017-9034, CVE-2017-9035, CVE-2017-9036, CVE-2017-9037
MD5 | 351e7980ee3be97f07ceb95ec237ce90
Mantis Bug Tracker 1.3.10 / 2.3.0 Cross Site Request Forgery
Posted May 22, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Mantis Bug Tracker versions 1.3.10 and 2.3.0 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7620
MD5 | 41e0b9f5db14efa67c836d0f2df4b6f0
Apache Archiva 2.2.1 Cross Site Request Forgery
Posted May 21, 2017
Authored by Martin S

Apache Archiva versions 2.0.0 through 2.2.1 suffer from multiple cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
advisories | CVE-2017-5657
MD5 | 1ab7f438819b236c0d36318e7f4791d8
Page 2 of 111
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close