what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 76 - 100 of 3,269

CSRF Files

SOYAL Biometric Access Control System 5.0 Cross Site Request Forgery

Posted Mar 19, 2021

Authored by LiquidWorm | Site zeroscience.mk

SOYAL Biometric Access Control System version 5.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 93e556f6e1d9d2300afc6b657f1c1067ff56c303dec1b576e8ad9bba10eaa74c

Download | Favorite | View

Online News Portal 1.0 Cross Site Request Forgery / Cross Site Scripting

Posted Mar 19, 2021

Authored by Richard Jones

Online News Portal version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf

SHA-256 | 36546b8fdf46aff96e3dbb1b3966d5afab13e4fe2808a70bd0ac16799e6097cf

Download | Favorite | View

VestaCP 0.9.8 Cross Site Request Forgery

Posted Mar 17, 2021

Authored by Fady Othman

VestaCP version 0.9.8 suffers from a cross site request forgery that can be leveraged to add remote ssh access.

tags | exploit, remote, csrf

advisories | CVE-2021-28379

SHA-256 | d8e5b5595824f47b497814f48567128c28abd86490a24820989a572b16eb6f54

Download | Favorite | View

OpenCMS 11.0.2 Cross Site Request Forgery / Open Redirection

Posted Mar 9, 2021

Authored by Daniel Moreno

OpenCMS version 11.0.2 suffers from cross site request forgery and open redirection vulnerabilities.

tags | exploit, vulnerability, csrf

SHA-256 | 822b8f0065b6805f519eea0db3bdd50fbdac963c4b2fe17513fa35ed63ad0fbc

Download | Favorite | View

e107 CMS 2.3.0 Cross Site Request Forgery

Posted Mar 4, 2021

Authored by Tadjmen

e107 CMS version 2.3.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2021-27885

SHA-256 | 2013ddfa8526bb4e33ae90cfcef37c362b7da19436c141db997f5e57104264f4

Download | Favorite | View

Microsoft Exchange Server msExchEcpCanary CSRF / Privilege Escalation

Posted Feb 24, 2021

Authored by Source Incite | Site github.com

Microsoft Exchange Server has a flaw that exists within the HasValidCanary function inside of the Canary15 class. The issue results in an insecure generation of cross site request forgery tokens that can be used to install an office-addins. An attacker can leverage this vulnerability to escalate privileges to an administrative account.

tags | exploit, csrf

advisories | CVE-2021-24085

SHA-256 | ff865496e0bee101f53c29c316899cda3609c752370953dcd22a507052e91f6b

Download | Favorite | View

Apache MyFaces 2.x Cross Site Request Forgery

Posted Feb 20, 2021

Authored by Wolfgang Ettlinger

Apache MyFaces versions 2.2.13 and below, 2.3.7 and below, 2.3-next-M4 and below, and 2.1 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2021-26296

SHA-256 | 9496fb42b8d7b245393af79c43e00c9737bf7e2ce2f045cabe480e1ebae73876

Download | Favorite | View

Backdoor.Win32.Agent.aak MVID-2021-0095 Code Execution / Cross Site Request Forgery

Posted Feb 18, 2021

Authored by malvuln | Site malvuln.com

Backdoor.Win32.Agent.aak malware suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf

systems | windows

SHA-256 | 07877b46ba2c779b236c2561cd70d8a9f3b6e327ed86d6f5a164b87adc2a81d0

Download | Favorite | View

Unibox 2.4 CSRF / Remote Code Execution

Posted Feb 8, 2021

Authored by Kaustubh G. Padwad

Unibox version 2.4 suffers from remote code execution and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, code execution, csrf

SHA-256 | 8dd77b322f43636d3235c2c88700453adfa9865970ffd5dd3a39a083974ecbb8

Download | Favorite | View

Unibox Cross Site Request Forgery

Posted Feb 8, 2021

Authored by Kaustubh G. Padwad

Various Unibox products suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | b2ad463fe05cca881eb2aaa2883ee1d6b019cd543a3dfca94efb14e2e27c91e8

Download | Favorite | View

Pixelimity 1.0 Cross Site Request Forgery

Posted Feb 3, 2021

Authored by Noth

Pixelimity version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-23522

SHA-256 | 56e487a336d7c4b8b5102a51dcfc718f025a925af3a9b40e3133b5fe6d7afae6

Download | Favorite | View

bloofoxCMS 0.5.2.1 Cross Site Request Forgery

Posted Feb 1, 2021

Authored by LiPeiYi

bloofoxCMS version 0.5.2.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 1c18bed6d80622bf90a39e57e8150870f3b7070ddea00e80adaa02b2f07a69fe

Download | Favorite | View

STVS ProVision 5.9.10 Cross Site Request Forgery

Posted Jan 27, 2021

Authored by LiquidWorm | Site zeroscience.mk

STVS ProVision version 5.9.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | bda8da5ba4074ffde06a720da61629ec99f9e38178e55525b86f31b97249e06a

Download | Favorite | View

MyBB Timeline 1.0 Cross Site Request Forgery / Cross Site Scripting

Posted Jan 23, 2021

Authored by 0xB9

MyBB Timeline plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf

SHA-256 | bcfe1b8424be8bbee5ac13a528c0a59af9f53417b35d7b547b6dee50f2d8f6c4

Download | Favorite | View

Selea Targa IP OCR-ANPR Camera Cross Site Request Forgery

Posted Jan 22, 2021

Authored by LiquidWorm | Site zeroscience.mk

Selea Targa IP OCR-ANPR Camera suffers from a cross site request forgery vulnerability that allows for adding an administrator. Multiple versions and firmwares are affected.

tags | exploit, csrf

SHA-256 | 0e5e7a33fdb7ccd0c318840976f8d5c4b76c9123ba263c3dde836ea988c81259

Download | Favorite | View

Anchor CMS 0.12.7 Cross Site Request Forgery

Posted Jan 21, 2021

Authored by Ninad Mishra

Anchor CMS version 0.12.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-23342

SHA-256 | 2f75ad7082e071339ac57ce5a574de4d734e9ad408532c857a2f498ec69da3c0

Download | Favorite | View

Online Hotel Reservation System 1.0 Cross Site Request Forgery

Posted Jan 15, 2021

Authored by Mesut Cetin

Online Hotel Reservation System version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | c49c1da76edd9c2305cff54a31dc11fbf4989074dcee25f70f5167c1f15b9374

Download | Favorite | View

PHP-Fusion 9.03.90 Cross Site Request Forgery

Posted Jan 15, 2021

Authored by Mohamed Oosman B S

PHP-Fusion version 9.03.90 suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf

SHA-256 | e3cbe03265f3fd59ae2beb47eb8cd8d894c3dc1d155ac8ae7a8565e32ce238fd

Download | Favorite | View

Pepperl+Fuchs IO-Link Master Series 1.36 CSRF / XSS / Command Injection

Posted Jan 13, 2021

Authored by T. Weber | Site sec-consult.com

Pepperl+Fuchs IO-Link Master Series with system version 1.36 and application version 1.5.28 suffers from command injection, cross site request forgery, cross site scripting, denial of service, and null pointer vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, csrf

advisories | CVE-2020-12511, CVE-2020-12512, CVE-2020-12513, CVE-2020-12514

SHA-256 | c88a68158caf9f8c370f593f1564b9bdfdae8e3ee99f70f86114b5c91c83c7b8

Download | Favorite | View

OpenCart 3.0.36 Cross Site Request Forgery

Posted Jan 11, 2021

Authored by Mahendra Purbia

OpenCart version 3.0.36 account takeover cross site request forgery exploit.

tags | exploit, csrf

SHA-256 | 33efc2a3307d5283ee75ca4d38975eb63513ceae046e98c03956a79c9e78150b

Download | Favorite | View

Advanced Webhost Billing System 3.7.0 Cross Site Request Forgery

Posted Jan 6, 2021

Authored by Rahul Ramakant Singh

Advanced Webhost Billing System version 3.7.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | bc3eb51d27d3ddf82da984c0a0e9b5fcfaa7e62708458fba473d13c34d055205

Download | Favorite | View

Trend Micro IWSVA CSRF / XSS / Bypass / SSRF / Code Execution

Posted Dec 17, 2020

Authored by Wolfgang Ettlinger | Site sec-consult.com

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) versions below 6.5 SP2 EN Patch 4 Build 1919 suffers from bypass, command execution, cross site request forgery, cross site scripting, and server-side request forgery vulnerabilities.

tags | exploit, web, vulnerability, xss, csrf

advisories | CVE-2020-8461, CVE-2020-8462, CVE-2020-8463, CVE-2020-8464, CVE-2020-8465, CVE-2020-8466

SHA-256 | 54396ecfd1b66aed9f010f421531333fb6ee5cf355c17da0019935bb3b4af762

Download | Favorite | View

Rukovoditel 2.6.1 Cross Site Request Forgery

Posted Dec 14, 2020

Authored by KeopssGroup0day Inc

Rukovoditel version 2.6.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | f4650cf2d53f79ae23ab9f04c0ad2a6b05c7c27859d50e06f3d931d7aa3aaa17

Download | Favorite | View

OpenAsset Digital Asset Management Cross Site Request Forgery

Posted Dec 11, 2020

Authored by Jack Misiura

OpenAsset Digital Asset Management suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2020-28858

SHA-256 | 078180c0088a10bb5564b3436104fdcc80f9d53548b5cf7063cb5edac1d63305

Download | Favorite | View

OpenCart 3.0.3.6 Cross Site Request Forgery

Posted Dec 10, 2020

Authored by Mahendra Purbia

OpenCart version 3.0.3.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 15a4af089ee6938e9f9018d0cd512261bc37456c71fa0bf444ddfb50c1ad376f

Download | Favorite | View