jetlib.sec » Tags » csrf

Feeds

133341 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

201 items tagged "csrf"

Related tags: bugtraq [+], vulnerabilities [+], site [+], day [+], security [+], debian [+], vulnerability [+], xss [+], security vulnerabilities [+], change [+], admin [+], works [+], web [+], tool [+], server [+], security advisory [+], russ mcree [+], request [+], php [+], password fields [+], networking system [+], mike bailey [+], methodology [+], malicious website [+], mahara [+], linux security [+], license server [+], license [+], flatnux [+], directory traversal [+], directory [+], denial of service [+], debian linux [+], cve [+], csrfscanner [+], cross site scripting [+], cross [+], citrix [+], bugzilla [+], advisory [+], zomplog [+], whcms [+], web application [+], username [+], socialcms [+], revou [+], pixelpost [+], password [+], outlook web access [+], outlook [+], ossim [+], open [+], kubelance [+], knowledge base [+], javascript [+], inverseflow [+], gazelle [+], e mail address [+], diamondlist [+], cyclecms [+], couchdb [+], cmscout [+], cisco wag [+], cisco [+], change administrator password [+], campsite [+], cambio [+], bxr [+], blog [+], ariadne [+], ane [+], administrator password [+], admin interface [+], access [+], xsrf [+], webapps [+], cms [+], zimplit [+], yourtube [+], xampp [+], wolf [+], wlm [+], wizmall [+], wireless cable modem [+], wiki [+], whitepaper [+], webui [+], websitebaker [+], webmatic [+], webid [+], webcalendar [+], vwd cms [+], vwd [+], video [+], vam [+], valente online [+], valente [+], user [+], usebb [+], upload [+], twitter [+], traidnt [+], tr forum [+], tomatocms [+], tomatocart [+], token [+], tinypug [+], timeclock [+], tiger [+], thehostingtool [+], sudbox [+], softbiz [+], skybluecanvas [+], sitecom [+], simple 1 [+], simple [+], session fixation [+], seopanel [+], sdrf [+], saurus cms [+], safer use [+], report [+], remote [+], rapidwarex [+], pspopper [+], preference settings [+], power [+], pluck [+], phpautovideo [+], php lance [+], panel [+], oscommerce [+], orbis [+], openfire [+], opencart [+], ocportal [+], nucleuscms [+], news 4 [+], news [+], netgear wireless cable modem gateway [+], netgear wireless cable modem [+], nagios [+], mystic [+], myclientbase [+], multi [+], mot [+], moinmoin [+], message board [+], message [+], meastro [+], manager [+], malicious code [+], made [+], lovecms [+], lms [+], linksys [+], lara [+], knowledge [+], kleeja [+], jobs [+], jamb [+], insight [+], index [+], idevcart [+], idev [+], iclowbidauction [+], hyip [+], hloun [+], grafik [+], gpub [+], getsimple [+], gallery [+], frog [+], forum [+], flyspray [+], fcms [+], extreme [+], exploit [+], ensino [+], elitecms [+], edimax [+], e store [+], dotproject [+], dolphin [+], docuwiki [+], django [+], disclosure [+], diferior [+], dca [+], dating [+], dalbum [+], d link [+], csice [+], croogo [+], control [+], collabtive [+], cmysqlite [+], cmsqlite [+], cmspro [+], cmsimple [+], clantiger [+], clain [+], chilly [+], changer [+], bypass [+], bpswoopo [+], bppennyautobid [+], bpoweritaliano [+], board [+], bloofoxcms [+], base [+], banner exchange [+], banner [+], b multiple [+], authors [+], authentication [+], audio [+], auctions [+], auction [+], archiva [+], apache [+], allomani [+], aiocp [+], affiliate [+], administrative section [+], admin panel [+], admin account [+], actitime [+], abalonesoft [+], multiple [+], htb [+], forgery [+]

• May 13, 2012
• 14:00

  [webapps / 0day] - phpmoneybooks CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - phpmoneybooks CSRF Vulnerability (Add Admin)

  Tags:  vulnerability day csrf  

• 14:00

  [webapps / 0day] - MyClientBase CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - MyClientBase CSRF Vulnerability (Add Admin)

  Tags:  day csrf myclientbase vulnerability  

• 14:00

  [webapps / 0day] - PHP auctions CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - PHP auctions CSRF Vulnerability (Add Admin)

  Tags:  day csrf php vulnerability auctions  

• 14:00

  [webapps / 0day] - Auction XL CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Auction XL CSRF Vulnerability (Add Admin)

  Tags:  day auction csrf vulnerability  

• 14:00

  [webapps / 0day] - bloofoxCMS 0.4.0 CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - bloofoxCMS 0.4.0 CSRF Vulnerability (Add Admin)

  Tags:  bloofoxcms day csrf vulnerability  

• 14:00

  [webapps / 0day] - i-Gallery CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - i-Gallery CSRF Vulnerability (Add Admin)

  Tags:  gallery day csrf vulnerability  

• April 27, 2012
• 14:00

  [webapps / 0day] - Wordpress 3.3.1 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Wordpress 3.3.1 Multiple CSRF Vulnerabilities

  Tags:  multiple day webapps csrf  

• April 18, 2012
• 14:00

  [webapps / 0day] - DocuWiki 2012/01/25 CSRF / XSS

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - DocuWiki 2012/01/25 CSRF / XSS

  Tags:  docuwiki day csrf xss  

• April 05, 2012
• 14:00

  [webapps / 0day] - oscommerce-2.3.1 CSRF Change admin and Password

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - oscommerce-2.3.1 CSRF Change admin and Password

  Tags:  oscommerce day csrf  

• April 04, 2012
• 14:00

  [webapps / 0day] - idev-Payments 1.0 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - idev-Payments 1.0 CSRF Vulnerability

  Tags:  day csrf idev vulnerability  

• 14:00

  [webapps / 0day] - SmartJobBoard 3.4 b5140 XSS / CSRF

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - SmartJobBoard 3.4 b5140 XSS / CSRF

  Tags:  csrf  

• 14:00

  [webapps / 0day] - pluck 4.7 CSRF edit index Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - pluck 4.7 CSRF edit index Vulnerability

  Tags:  day csrf index vulnerability  

• April 01, 2012
• 5:12

  Flatnux CMS 2011 08.09.2 CSRF / XSS / Directory Traversal

   » ‎ Packet Storm Security Exploits
  Flatnux CMS 2011 version 08.09.2 suffers from cross site request forgery, cross site scripting, and directory traversal vulnerabilities.

  Tags:  directory flatnux cms directory-traversal cross-site-scripting csrf  

• 5:12

  Flatnux CMS 2011 08.09.2 CSRF / XSS / Directory Traversal

   » ‎ Packet Storm Security Recent Files
  Flatnux CMS 2011 version 08.09.2 suffers from cross site request forgery, cross site scripting, and directory traversal vulnerabilities.

  Tags:  directory flatnux cms directory-traversal cross-site-scripting csrf  

• 5:12

  Flatnux CMS 2011 08.09.2 CSRF / XSS / Directory Traversal

   » ‎ Packet Storm Security Misc. Files
  Flatnux CMS 2011 version 08.09.2 suffers from cross site request forgery, cross site scripting, and directory traversal vulnerabilities.

  Tags:  directory flatnux cms directory-traversal cross-site-scripting csrf  

• March 31, 2012
• 14:00

  [webapps / 0day] - Dolphin7 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Dolphin7 CSRF Vulnerability

  Tags:  day dolphin csrf vulnerability  

• March 30, 2012
• 14:00

  [webapps / 0day] - dalbum 144 build 174 and earlier CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - dalbum 144 build 174 and earlier CSRF Vulnerabilities

  Tags:  day csrf dalbum  

• March 29, 2012
• 14:00

  [webapps / 0day] - AB Banner Exchange CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - AB Banner Exchange CSRF Vulnerability

  Tags:  banner day webapps csrf banner-exchange  

• March 28, 2012
• 14:00

  [webapps / 0day] - ReVou Micro Blogging CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - ReVou Micro Blogging CSRF Vulnerability

  Tags:  day revou webapps csrf vulnerability  

• March 26, 2012
• 14:00

  [webapps / 0day] - AJ HYIP CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - AJ HYIP CSRF Vulnerability

  Tags:  day hyip webapps csrf  

• March 25, 2012
• 14:00

  [webapps / 0day] - PM Report CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - PM Report CSRF Vulnerability

  Tags:  day report csrf webapps vulnerability  

• March 22, 2012
• 15:00

  [webapps / 0day] - Sitecom WLM-2501 CSRF Vulnerabilities [2]

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Sitecom WLM-2501 CSRF Vulnerabilities [2]

  Tags:  wlm day sitecom csrf  

• March 16, 2012
• 15:00

  [webapps / 0day] - FlexCMS 3.2.1 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - FlexCMS 3.2.1 Multiple CSRF Vulnerabilities

  Tags:  multiple day webapps csrf  

• March 15, 2012
• 20:02

  Citrix License Server 11.6.1 Build 10007 CSRF

   » ‎ Packet Storm Security Exploits
  Citrix License Server version 11.6.1 build 10007 suffers from cross site request forgery and denial of service vulnerabilities.

  Tags:  server citrix license license-server csrf denial-of-service  

• 20:02

  Citrix License Server 11.6.1 Build 10007 CSRF

   » ‎ Packet Storm Security Recent Files
  Citrix License Server version 11.6.1 build 10007 suffers from cross site request forgery and denial of service vulnerabilities.

  Tags:  server citrix license license-server csrf denial-of-service  

• 20:02

  Citrix License Server 11.6.1 Build 10007 CSRF

   » ‎ Packet Storm Security Misc. Files
  Citrix License Server version 11.6.1 build 10007 suffers from cross site request forgery and denial of service vulnerabilities.

  Tags:  server citrix license license-server csrf denial-of-service  

• March 14, 2012
• 15:00

  [webapps / 0day] - iDevCart 1.0 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - iDevCart 1.0 CSRF Vulnerability

  Tags:  idevcart day csrf vulnerability  

• 15:00

  [webapps / 0day] - BPSwoopo CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - BPSwoopo CSRF Vulnerability

  Tags:  day csrf bpswoopo vulnerability  

• 15:00

  [webapps / 0day] - BPPennyAutoBid CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - BPPennyAutoBid CSRF Vulnerability

  Tags:  day csrf bppennyautobid vulnerability  

• 15:00

  [webapps / 0day] - ICLowBidAuction CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - ICLowBidAuction CSRF Vulnerability

  Tags:  day iclowbidauction csrf vulnerability  

• 15:00

  [webapps / 0day] - ReVou Micro Blogging (Twitter clone) CSRF

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - ReVou Micro Blogging (Twitter clone) CSRF

  Tags:  day revou webapps csrf twitter  

• March 13, 2012
• 15:00

  [webapps / 0day] - Dating Pro CSRF (change e-mail address)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Dating Pro CSRF (change e-mail address)

  Tags:  day dating csrf e-mail-address  

• 15:00

  [webapps / 0day] - Php-lance CSRF (add admin) Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Php-lance CSRF (add admin) Vulnerability

  Tags:  day php-lance csrf vulnerability  

• 15:00

  [webapps / 0day] - BPowerItaliano CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - BPowerItaliano CSRF Vulnerability

  Tags:  bpoweritaliano day csrf vulnerability  

• March 12, 2012
• 15:00

  [webapps / 0day] - Affiliate Pro CSRF (change e-mail address)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Affiliate Pro CSRF (change e-mail address)

  Tags:  day affiliate csrf e-mail-address  

• 15:00

  [webapps / 0day] - Kubelance CSRF (add new admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Kubelance CSRF (add new admin)

  Tags:  day kubelance csrf  

• 15:00

  [webapps / 0day] - psPopper 3.0 CSRF (change password)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - psPopper 3.0 CSRF (change password)

  Tags:  day csrf pspopper  

• March 11, 2012
• 15:00

  [webapps / 0day] - Ad Manager Pro CSRF Vuln (add admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Ad Manager Pro CSRF Vuln (add admin)

  Tags:  day manager webapps csrf  

• 15:00

  [webapps / 0day] - A.M.Y CSRF (change admin password)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - A.M.Y CSRF (change admin password)

  Tags:  day csrf webapps  

• February 26, 2012
• 14:00

  [webapps / 0day] - Hloun v1.0.x => xss csrf to inject php code

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Hloun v1.0.x => xss csrf to inject php code

  Tags:  day hloun csrf  

• February 24, 2012
• 15:38

  Bugzilla Cross Site Request Forgery

   » ‎ Packet Storm Security Advisories
  Bugzilla Security Advisory - Due to a lack of validation of the enctype form attribute when making POST requests to xmlrpc.cgi, a possible CSRF vulnerability was discovered in Bugzilla versions 4.0.2 through 4.0.4 and 4.1.1 through 4.2rc2.

  Tags:  bugzilla cross site csrf security-advisory forgery  

• 15:38

  Bugzilla Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Bugzilla Security Advisory - Due to a lack of validation of the enctype form attribute when making POST requests to xmlrpc.cgi, a possible CSRF vulnerability was discovered in Bugzilla versions 4.0.2 through 4.0.4 and 4.1.1 through 4.2rc2.

  Tags:  bugzilla cross site csrf security-advisory forgery  

• 15:38

  Bugzilla Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Bugzilla Security Advisory - Due to a lack of validation of the enctype form attribute when making POST requests to xmlrpc.cgi, a possible CSRF vulnerability was discovered in Bugzilla versions 4.0.2 through 4.0.4 and 4.1.1 through 4.2rc2.

  Tags:  bugzilla cross site csrf security-advisory forgery  

• February 16, 2012
• 14:00

  [webapps / 0day] - SocialCMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - SocialCMS CSRF Vulnerability

  Tags:  day csrf socialcms vulnerability  

• February 09, 2012
• 14:00

  [webapps / 0day] - Pluck cms v4.7 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Pluck cms v4.7 CSRF Vulnerability

  Tags:  pluck day csrf vulnerability cms  

• February 07, 2012
• 14:00

  [webapps / 0day] - Flyspray 0.9.9.6 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Flyspray 0.9.9.6 CSRF Vulnerability

  Tags:  day csrf flyspray vulnerability  

• January 30, 2012
• 14:00

  [webapps / 0day] - 4images 1.7.6 > 9 Csrf inject php code

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - 4images 1.7.6 > 9 Csrf inject php code

  Tags:  day csrf php  

• January 26, 2012
• 14:00

  [webapps / 0day] - VR GPub 4.0 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - VR GPub 4.0 CSRF Vulnerability

  Tags:  day gpub csrf vulnerability  

• January 25, 2012
• 9:00

  Bugtraq: CSRF (Cross-Site Request Forgery) in DClassifieds

   » ‎ SecurityFocus Vulnerabilities
  CSRF (Cross-Site Request Forgery) in DClassifieds

  Tags:  request csrf site forgery  

• December 11, 2011
• 14:00

  [webapps / 0day] - FCMS_2.7.2 cms and earlier multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - FCMS_2.7.2 cms and earlier multiple CSRF Vulnerabilities

  Tags:  day csrf fcms cms  

• 14:00

  [webapps / 0day] - UseBB 1.0.14 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - UseBB 1.0.14 CSRF Vulnerability

  Tags:  day usebb csrf vulnerability  

• December 01, 2011
• 7:37

  CSRFScanner 1.0

   » ‎ Packet Storm Security Recent Files
  CSRFSCanner is a tool designed to identify the forms potentially vulnerable to CSRF/XSRF on a website. This detection is made on forms that are only accessible by logged-in users (cookies are needed to find these forms). The methodology used to identify these forms is the 4-pass reverse diff analysis. Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.

  Tags:  tool csrf csrfscanner password-fields methodology  

• 7:37

  CSRFScanner 1.0

   » ‎ Packet Storm Security Tools
  CSRFSCanner is a tool designed to identify the forms potentially vulnerable to CSRF/XSRF on a website. This detection is made on forms that are only accessible by logged-in users (cookies are needed to find these forms). The methodology used to identify these forms is the 4-pass reverse diff analysis. Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.

  Tags:  tool csrf csrfscanner password-fields methodology  

• 7:37

  CSRFScanner 1.0

   » ‎ Packet Storm Security Misc. Files
  CSRFSCanner is a tool designed to identify the forms potentially vulnerable to CSRF/XSRF on a website. This detection is made on forms that are only accessible by logged-in users (cookies are needed to find these forms). The methodology used to identify these forms is the 4-pass reverse diff analysis. Then, in order to determine if a form may be vulnerable, the tool analyzes hidden and password fields to find an anti-CSRF token.

  Tags:  tool csrf csrfscanner password-fields methodology  

• October 22, 2011
• 21:00

  [webapps / 0day] - InverseFlow v2.4 CSRF Vulnerabilities (Add Admin User)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - InverseFlow v2.4 CSRF Vulnerabilities (Add Admin User)

  Tags:  inverseflow day webapps csrf  

• 14:00

  [webapps / 0day] - InverseFlow v2.4 CSRF Vulnerabilities (Add Admin User)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - InverseFlow v2.4 CSRF Vulnerabilities (Add Admin User)

  Tags:  inverseflow day webapps csrf  

• October 03, 2011
• 17:34

  NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF Vulnerabilities

   » ‎ SecuriTeam
  Basic authentication is used as the primary and only authentication mechanism for the administrator interface on the device. Additionally, due to the lack of CSRF protection in the web application, the bypass attack can be coupled with CSRF.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  authentication csrf bypass netgear-wireless-cable-modem wireless-cable-modem netgear-wireless-cable-modem-gateway  

• September 07, 2011
• 21:00

  [webapps / 0day] - AM4SS 1.2 CSRF add admin Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - AM4SS 1.2 CSRF add admin Vulnerability

  Tags:  day admin csrf vulnerability  

• August 08, 2011
• 21:00

  [webapps / 0day] - WebCalendar CVS v1.2 Multiple (CSRF/XSRF) Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - WebCalendar CVS v1.2 Multiple (CSRF/XSRF) Vulnerabilities

  Tags:  day webcalendar webapps csrf  

• July 31, 2011
• 21:00

  [webapps / 0day] - CMSPro! 2.08 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - CMSPro! 2.08 CSRF Vulnerability

  Tags:  cmspro day csrf vulnerability  

• July 05, 2011
• 21:00

  [webapps / 0day] - Joomla 1.6.3 CSRF Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Joomla 1.6.3 CSRF Exploit

  Tags:  day csrf webapps  

• June 17, 2011
• 21:00

  [webapps / 0day] - WeBid v1.0.2 Multiple Remote (CSRF) Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - WeBid v1.0.2 Multiple Remote (CSRF) Vulnerabilities

  Tags:  day webid webapps csrf  

• May 31, 2011
• 8:01

  Bugtraq: [CVE-2011-1026] Apache Archiva Multiple CSRF vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  [CVE-2011-1026] Apache Archiva Multiple CSRF vulnerabilities

  Tags:  archiva multiple apache csrf bugtraq cve  

• May 21, 2011
• 21:00

  [webapps / 0day] - Collabtive v065 Multiple (CSRF/XSRF) Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Collabtive v065 Multiple (CSRF/XSRF) Vulnerabilities

  Tags:  multiple day collabtive csrf  

• May 20, 2011
• 21:00

  [webapps / 0day] - NucleusCMS v3.64 Multiple (CSRF) Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - NucleusCMS v3.64 Multiple (CSRF) Vulnerabilities

  Tags:  day nucleuscms webapps csrf  

• May 12, 2011
• 14:00

  Bugtraq: HTB22978: XSRF (CSRF) in Argyle Social

   » ‎ SecurityFocus Vulnerabilities
  HTB22978: XSRF (CSRF) in Argyle Social

  Tags:  htb xsrf csrf  

• 9:00

  Bugtraq: HTB22980: XSRF (CSRF) in Open Classifieds

   » ‎ SecurityFocus Vulnerabilities
  HTB22980: XSRF (CSRF) in Open Classifieds

  Tags:  htb xsrf csrf  

• May 10, 2011
• 21:00

  [webapps / 0day] - seoPanel (v.2.2.1) Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - seoPanel (v.2.2.1) Multiple CSRF Vulnerabilities

  Tags:  multiple day seopanel csrf  

• 21:00

  [webapps / 0day] - Wolf CMS (v.0.7.5) Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Wolf CMS (v.0.7.5) Multiple CSRF Vulnerabilities

  Tags:  wolf day webapps csrf cms  

• 10:03

  Bugtraq: HTB22977: XSRF (CSRF) in poMMo

   » ‎ SecurityFocus Vulnerabilities
  HTB22977: XSRF (CSRF) in poMMo

  Tags:  htb xsrf csrf  

• May 05, 2011
• 9:00

  Bugtraq: HTB22971: XSRF (CSRF) in PHPDug

   » ‎ SecurityFocus Vulnerabilities
  HTB22971: XSRF (CSRF) in PHPDug

  Tags:  htb xsrf csrf  

• May 03, 2011
• 12:00

  Bugtraq: HTB22963: CSRF (Cross-Site Request Forgery) in SelectaPix Image Gallery

   » ‎ SecurityFocus Vulnerabilities
  HTB22963: CSRF (Cross-Site Request Forgery) in SelectaPix Image Gallery

  Tags:  htb csrf site bugtraq forgery  

• April 28, 2011
• 9:00

  Bugtraq: HTB22959: CSRF (Cross-Site Request Forgery) in phpGraphy

   » ‎ SecurityFocus Vulnerabilities
  HTB22959: CSRF (Cross-Site Request Forgery) in phpGraphy

  Tags:  request csrf site bugtraq forgery  

• April 26, 2011
• 9:00

  Bugtraq: HTB22957: XSRF (CSRF) in phpList

   » ‎ SecurityFocus Vulnerabilities
  HTB22957: XSRF (CSRF) in phpList

  Tags:  htb xsrf csrf  

• April 23, 2011
• 21:00

  [webapps / 0day] - Ariadne 2.7.4 (CSRF) Change Administrator Password

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Ariadne 2.7.4 (CSRF) Change Administrator Password

  Tags:  day change csrf ariadne administrator-password change-administrator-password webapps  

• 14:00

  [webapps / 0day] - Ariadne 2.7.4 (CSRF) Change Administrator Password

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Ariadne 2.7.4 (CSRF) Change Administrator Password

  Tags:  day change csrf ariadne administrator-password change-administrator-password webapps  

• April 20, 2011
• 14:00

  [webapps / 0day] - SocialCMS1.0.2 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - SocialCMS1.0.2 Multiple CSRF Vulnerabilities

  Tags:  multiple day socialcms csrf  

• April 19, 2011
• 11:00

  Bugtraq: HTB22941: CSRF (Cross-Site Request Forgery) in Dalbum

   » ‎ SecurityFocus Vulnerabilities
  HTB22941: CSRF (Cross-Site Request Forgery) in Dalbum

  Tags:  htb csrf site bugtraq forgery  

• April 14, 2011
• 10:00

  Bugtraq: HTB22923: XSRF (CSRF) in phpAlbum.net

   » ‎ SecurityFocus Vulnerabilities
  HTB22923: XSRF (CSRF) in phpAlbum.net

  Tags:  csrf  

• April 07, 2011
• 9:00

  Bugtraq: HTB22916: XSRF (CSRF) in phpCollab

   » ‎ SecurityFocus Vulnerabilities
  HTB22916: XSRF (CSRF) in phpCollab

  Tags:  htb xsrf csrf  

• April 05, 2011
• 8:01

  Bugtraq: HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB

   » ‎ SecurityFocus Vulnerabilities
  HTB22913: Multiple CSRF (Cross-Site Request Forgery) in UseBB

  Tags:  multiple htb csrf forgery  

• March 31, 2011
• 9:03

  Bugtraq: HTB22910: XSRF (CSRF) in Feng Office

   » ‎ SecurityFocus Vulnerabilities
  HTB22910: XSRF (CSRF) in Feng Office

  Tags:  csrf  

• 9:00

  Bugtraq: HTB22908: XSRF (CSRF) in Collabtive

   » ‎ SecurityFocus Vulnerabilities
  HTB22908: XSRF (CSRF) in Collabtive

  Tags:  csrf  

• March 29, 2011
• 17:17

  Debian Security Advisory 2206-1

   » ‎ Packet Storm Security Advisories
  Debian Linux Security Advisory 2206-1 - Two security vulnerabilities have been discovered in Mahara, a fully featured electronic portfolio, weblog, resume builder and social networking system. A security review commissioned by a Mahara user discovered that Mahara processes unsanitized input which can lead to cross-site scripting (XSS). Mahara Developers discovered that Mahara doesn't check the session key under certain circumstances which can be exploited as cross-site request forgery (CSRF) and can lead to the deletion of blogs.

  Tags:  mahara debian security security-vulnerabilities networking-system csrf  

• 17:17

  Debian Security Advisory 2206-1

   » ‎ Packet Storm Security Recent Files
  Debian Linux Security Advisory 2206-1 - Two security vulnerabilities have been discovered in Mahara, a fully featured electronic portfolio, weblog, resume builder and social networking system. A security review commissioned by a Mahara user discovered that Mahara processes unsanitized input which can lead to cross-site scripting (XSS). Mahara Developers discovered that Mahara doesn't check the session key under certain circumstances which can be exploited as cross-site request forgery (CSRF) and can lead to the deletion of blogs.

  Tags:  mahara debian security security-vulnerabilities networking-system csrf  

• 17:17

  Debian Security Advisory 2206-1

   » ‎ Packet Storm Security Misc. Files
  Debian Linux Security Advisory 2206-1 - Two security vulnerabilities have been discovered in Mahara, a fully featured electronic portfolio, weblog, resume builder and social networking system. A security review commissioned by a Mahara user discovered that Mahara processes unsanitized input which can lead to cross-site scripting (XSS). Mahara Developers discovered that Mahara doesn't check the session key under certain circumstances which can be exploited as cross-site request forgery (CSRF) and can lead to the deletion of blogs.

  Tags:  mahara debian security security-vulnerabilities networking-system csrf  

• March 24, 2011
• 8:00

  Bugtraq: HTB22898: XSRF (CSRF) in Ripe website manager

   » ‎ SecurityFocus Vulnerabilities
  HTB22898: XSRF (CSRF) in Ripe website manager

  Tags:  htb xsrf csrf  

• March 15, 2011
• 8:00

  Bugtraq: HTB22886: XSRF (CSRF) in LotusCMS

   » ‎ SecurityFocus Vulnerabilities
  HTB22886: XSRF (CSRF) in LotusCMS

  Tags:  htb xsrf csrf  

• March 11, 2011
• 14:00

  [webapps / 0day] - AbaloneSoft Technologies CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - AbaloneSoft Technologies CSRF Vulnerability (Add Admin)

  Tags:  day csrf abalonesoft vulnerability  

• March 06, 2011
• 14:00

  [webapps / 0day] - N-13 News 4.0 CSRF Vulnerability (Add Admin)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - N-13 News 4.0 CSRF Vulnerability (Add Admin)

  Tags:  news day csrf webapps news-4 vulnerability  

• March 04, 2011
• 7:00

  Bugtraq: [DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection

   » ‎ SecurityFocus Vulnerabilities
  [DCA-2011-0003]: LMS Web Ensino - Multiple XSS, Session Fixation, CSRF and SQL Injection

  Tags:  ensino web lms csrf dca session-fixation  

• February 25, 2011
• 13:00

  Bugtraq: Re: Linksys Cisco Wag120N CSRF Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Re: Linksys Cisco Wag120N CSRF Vulnerability

  Tags:  bugtraq vulnerability csrf cisco-wag cisco  

• 11:00

  Bugtraq: Linksys Cisco Wag120N CSRF Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Linksys Cisco Wag120N CSRF Vulnerability

  Tags:  bugtraq vulnerability csrf cisco-wag linksys cisco  

• February 14, 2011
• 13:32

  Debian Security Advisory 2163-1

   » ‎ Packet Storm Security Advisories
  Debian Linux Security Advisory 2163-1 - Several vulnerabilities were discovered in the django web development framework. For several reasons the internal CSRF protection was not used to validate ajax requests in the past. However, it was discovered that this exception can be exploited with a combination of browser plugins and redirects and thus is not sufficient. It was discovered that the file upload form is prone to cross-site scripting attacks via the file name.

  Tags:  advisory debian security csrf linux-security debian-linux  

• 13:32

  Debian Security Advisory 2163-1

   » ‎ Packet Storm Security Recent Files
  Debian Linux Security Advisory 2163-1 - Several vulnerabilities were discovered in the django web development framework. For several reasons the internal CSRF protection was not used to validate ajax requests in the past. However, it was discovered that this exception can be exploited with a combination of browser plugins and redirects and thus is not sufficient. It was discovered that the file upload form is prone to cross-site scripting attacks via the file name.

  Tags:  advisory debian security csrf linux-security debian-linux  

• 13:32

  Debian Security Advisory 2163-1

   » ‎ Packet Storm Security Misc. Files
  Debian Linux Security Advisory 2163-1 - Several vulnerabilities were discovered in the django web development framework. For several reasons the internal CSRF protection was not used to validate ajax requests in the past. However, it was discovered that this exception can be exploited with a combination of browser plugins and redirects and thus is not sufficient. It was discovered that the file upload form is prone to cross-site scripting attacks via the file name.

  Tags:  advisory debian security csrf linux-security debian-linux  

• February 08, 2011
• 14:00

  [webapps / 0day] - AIOCP 1.4.001 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - AIOCP 1.4.001 CSRF Vulnerability

  Tags:  aiocp day csrf vulnerability  

• 14:00

  [webapps / 0day] - dotProject 2.1.5 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - dotProject 2.1.5 CSRF Vulnerability

  Tags:  day csrf dotproject vulnerability  

• January 11, 2011
• 14:00

  [webapps / 0day] - whCMS 0.115 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - whCMS 0.115 CSRF Vulnerability

  Tags:  day whcms csrf vulnerability  

• 14:00

  [webapps / 0day] - Cambio 0.5a CSRF Vulnerabiliity

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Cambio 0.5a CSRF Vulnerabiliity

  Tags:  day cambio csrf  

• 9:00

  Bugtraq: XSRF (CSRF) in diafan.CMS

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in diafan.CMS

  Tags:  xsrf csrf cms  

• 9:00

  Bugtraq: XSRF (CSRF) in Cambio

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in Cambio

  Tags:  cambio xsrf csrf  

• 9:00

  Bugtraq: XSRF (CSRF) in whCMS

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in whCMS

  Tags:  xsrf whcms csrf  

• 8:00

  Bugtraq: XSRF (CSRF) in VaM Shop

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in VaM Shop

  Tags:  xsrf csrf vam  

• January 06, 2011
• 14:00

  [webapps / 0day] - PHP MicroCMS 1.0.1 CSRF and XSS Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - PHP MicroCMS 1.0.1 CSRF and XSS Vulnerabilities

  Tags:  day php webapps csrf xss vulnerabilities  

• 14:00

  [webapps / 0day] - Openfire 3.6.4 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Openfire 3.6.4 Multiple CSRF Vulnerabilities

  Tags:  openfire day webapps csrf  

• January 05, 2011
• 11:00

  Bugtraq: Multiple CSRF Vulnerabilities in Openfire 3.6.4 Administrative Section

   » ‎ SecurityFocus Vulnerabilities
  Multiple CSRF Vulnerabilities in Openfire 3.6.4 Administrative Section

  Tags:  vulnerabilities multiple csrf administrative-section  

• January 02, 2011
• 14:00

  [webapps / 0day] - YourTube v1.0 CSRF Vulnerability (Add User)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - YourTube v1.0 CSRF Vulnerability (Add User)

  Tags:  day csrf yourtube vulnerability  

• December 30, 2010
• 10:01

  Bugtraq: CSRF (Cross-Site Request Forgery) in Open blog

   » ‎ SecurityFocus Vulnerabilities
  CSRF (Cross-Site Request Forgery) in Open blog

  Tags:  request csrf site forgery blog  

• December 29, 2010
• 14:00

  [webapps / 0day] - LoveCMS 1.6.2 - CSRF Code Injection Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - LoveCMS 1.6.2 - CSRF Code Injection Vulnerability

  Tags:  day lovecms csrf vulnerability  

• December 25, 2010
• 14:00

  [webapps / 0day] - Traidnt Up 3.0 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Traidnt Up 3.0 CSRF Vulnerability

  Tags:  day traidnt csrf vulnerability  

• December 17, 2010
• 14:00

  [webapps / 0day] - D-Link DIR-300 CSRF Vulnerability (Change Admin Account Settings)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - D-Link DIR-300 CSRF Vulnerability (Change Admin Account Settings)

  Tags:  d-link day webapps csrf admin-account  

• December 09, 2010
• 14:00

  [webapps / 0day] - CMScout 2.09 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - CMScout 2.09 CSRF Vulnerability

  Tags:  day csrf cmscout vulnerability  

• 14:00

  [webapps / 0day] - CMScout 2.09 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - CMScout 2.09 CSRF Vulnerability

  Tags:  day csrf cmscout vulnerability  

• 8:00

  Bugtraq: XSRF (CSRF) in CMScout

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in CMScout

  Tags:  csrf  

• November 30, 2010
• 11:44

  HP Insight Control Power Management for Windows CSS and CSRF Vulnerabilities

   » ‎ SecuriTeam
  Potential security vulnerabilities have been identified in HP Insight Control Power Management for Windows.

  -

  Make your website safer. Use external penetration testing service. First report ready in one hour!

  Tags:  control insight power security-vulnerabilities csrf safer-use  

• October 27, 2010
• 14:00

  [webapps / 0day] - Zomplog v3.9 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Zomplog v3.9 CSRF Vulnerability

  Tags:  day csrf zomplog vulnerability  

• 14:00

  [webapps / 0day] - Zomplog v3.9 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Zomplog v3.9 CSRF Vulnerability

  Tags:  day csrf zomplog vulnerability  

• October 25, 2010
• 14:00

  [webapps / 0day] - Jamb CSRF Arbitrary Add a Post

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Jamb CSRF Arbitrary Add a Post

  Tags:  day csrf jamb  

• October 13, 2010
• 12:00

  Bugtraq: XSRF (CSRF) in Lara

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in Lara

  Tags:  xsrf csrf lara  

• October 01, 2010
• 8:00

  Bugtraq: Re: XSRF (CSRF) in Zimplit

   » ‎ SecurityFocus Vulnerabilities
  Re: XSRF (CSRF) in Zimplit

  Tags:  zimplit xsrf csrf  

• September 22, 2010
• 14:00

  [webapps / 0day] - Skybluecanvas.v1.1-r248 CSRF vulnirabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - Skybluecanvas.v1.1-r248 CSRF vulnirabilities

  Tags:  day csrf skybluecanvas  

• September 20, 2010
• 14:00

  [webapps / 0day] - VWD-CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - VWD-CMS CSRF Vulnerability

  Tags:  day csrf vwd-cms webapps vwd  

• September 15, 2010
• 15:52

  pixelpost v1.7.3 CSRF change admin password

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  pixelpost v1.7.3 CSRF change admin password

  Tags:  pixelpost change csrf  

• 14:00

  [webapps / 0day] - pixelpost v1.7.3 CSRF change admin password

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  [webapps / 0day] - pixelpost v1.7.3 CSRF change admin password

  Tags:  pixelpost day csrf  

• 9:00

  Bugtraq: XSRF (CSRF) in SantaFox

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in SantaFox

  Tags:  bugtraq xsrf csrf  

• September 13, 2010
• 0:00

  Vuln: Django CSRF Token HTML Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Django CSRF Token HTML Injection Vulnerability

  Tags:  token django csrf vulnerability  

• August 26, 2010
• 9:00

  Bugtraq: XSRF (CSRF) in Webmatic

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in Webmatic

  Tags:  xsrf csrf webmatic  

• August 23, 2010
• 18:47

  onsec-whitepaper-01.eng.pdf

   » ‎ Packet Storm Security Misc. Files
  Whitepaper called SDRF Vulnerability in Web Applications and Browsers. Like the known CSRF (Cross-Site Request Forgery) vulnerability, SDRF falsifies HTTP requests of users, but in contrast to CSRF, it forges the requests, that are send by a user to the same domain, where the malicious code, that exploits the vulnerability, is located.

  Tags:  vulnerability csrf sdrf whitepaper malicious-code forgery  

• August 17, 2010
• 17:01

  CVE-2010-2234.txt

   » ‎ Packet Storm Security Recent Files
  Apache CouchDB versions prior to version 0.11.1 are vulnerable to cross site request forgery (CSRF) attacks. A malicious website can POST arbitrary JavaScript code to well known CouchDB installation URLs (like http://localhost:5984/) and make the browser execute the injected JavaScript in the security context of CouchDB's admin interface Futon.

  Tags:  javascript couchdb cve malicious-website csrf admin-interface  

• 17:01

  CVE-2010-2234.txt

   » ‎ Packet Storm Security Advisories
  Apache CouchDB versions prior to version 0.11.1 are vulnerable to cross site request forgery (CSRF) attacks. A malicious website can POST arbitrary JavaScript code to well known CouchDB installation URLs (like http://localhost:5984/) and make the browser execute the injected JavaScript in the security context of CouchDB's admin interface Futon.

  Tags:  javascript couchdb cve malicious-website csrf admin-interface  

• August 16, 2010
• 10:00

  Bugtraq: XSRF (CSRF) in CMSimple

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in CMSimple

  Tags:  cmsimple xsrf csrf  

• August 14, 2010
• 4:06

  Valente Online CMS Meastro - CSRF Add Admin Account

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Valente Online CMS Meastro - CSRF Add Admin Account

  Tags:  meastro csrf cms valente-online valente  

• 4:06

  Saurus CMS Admin Panel Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Saurus CMS Admin Panel Multiple CSRF Vulnerabilities

  Tags:  admin panel cms saurus-cms csrf admin-panel  

• August 13, 2010
• 8:00

  Bugtraq: XSRF (CSRF) in Mystic

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in Mystic

  Tags:  xsrf mystic csrf  

• August 12, 2010
• 16:03

  Kleeja Upload - CSRF Change Admin Password

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Kleeja Upload - CSRF Change Admin Password

  Tags:  upload csrf kleeja  

• August 09, 2010
• 16:47

  wizmall 6.4 CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  wizmall 6.4 CSRF Vulnerabilities

  Tags:  vulnerabilities csrf wizmall  

• 13:00

  Bugtraq: Nagios XI 2009R1.2B Multiple CSRF

   » ‎ SecurityFocus Vulnerabilities
  Nagios XI 2009R1.2B Multiple CSRF

  Tags:  bugtraq csrf nagios b-multiple  

• August 05, 2010
• 15:01

  Bugtraq: XSRF (CSRF) in Open blog

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in Open blog

  Tags:  xsrf csrf open  

• 14:00

  Bugtraq: XSRF (CSRF) in DiamondList

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in DiamondList

  Tags:  xsrf diamondlist csrf  

• 13:00

  Bugtraq: XSRF (CSRF) in BXR

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in BXR

  Tags:  xsrf csrf bxr  

• 3:56

  DiamondList v0.1.6 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  DiamondList v0.1.6 CSRF Vulnerability

  Tags:  vulnerability diamondlist csrf  

• 3:56

  BXR v0.6.8 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  BXR v0.6.8 CSRF Vulnerability

  Tags:  vulnerability csrf bxr  

• 3:56

  Open Blog v1.2.1 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Open Blog v1.2.1 CSRF Vulnerability

  Tags:  blog csrf open vulnerability  

• July 21, 2010
• 1:00

  Outlook Web Access 2003 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Outlook Web Access 2003 CSRF Vulnerability

  Tags:  access outlook web outlook-web-access csrf vulnerability  

• 1:00

  Outlook Web Access 2003 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Outlook Web Access 2003 CSRF Vulnerability

  Tags:  access outlook web outlook-web-access csrf vulnerability  

• July 16, 2010
• 1:00

  ActiTime 2.0-MA CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  ActiTime 2.0-MA CSRF Vulnerability

  Tags:  vulnerability csrf actitime  

• July 15, 2010
• 1:00

  eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  eXtreme Message Board 1.9.11 Multiple CSRF Vulnerabilities

  Tags:  board message extreme csrf message-board  

• July 13, 2010
• 1:00

  Diferior CMS 8.03 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Diferior CMS 8.03 Multiple CSRF Vulnerabilities

  Tags:  multiple diferior cms vulnerabilities csrf  

• July 12, 2010
• 1:00

  TheHostingTool v1.2.2 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  TheHostingTool v1.2.2 Multiple CSRF Vulnerabilities

  Tags:  multiple csrf thehostingtool  

• 1:00

  GetSimple CMS v2.01 (XSS/CSRF) Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  GetSimple CMS v2.01 (XSS/CSRF) Vulnerabilities

  Tags:  getsimple csrf cms xss vulnerabilities  

• 1:00

  Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Grafik CMS 1.1.2 Multiple CSRF Vulnerabilities

  Tags:  multiple cms grafik vulnerabilities csrf  

• July 11, 2010
• 1:00

  ClanTiger Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  ClanTiger Multiple CSRF Vulnerabilities

  Tags:  multiple clantiger csrf  

• 1:00

  Orbis CMS v1.0.2 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Orbis CMS v1.0.2 Multiple CSRF Vulnerabilities

  Tags:  multiple csrf cms orbis  

• 1:00

  TomatoCMS 2.0.5 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  TomatoCMS 2.0.5 Multiple CSRF Vulnerabilities

  Tags:  multiple csrf tomatocms vulnerabilities  

• 1:00

  TomatoCart 1.0.1 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  TomatoCart 1.0.1 Multiple CSRF Vulnerabilities

  Tags:  multiple tomatocart csrf vulnerabilities  

• 1:00

  Frog CMS 0.9.5 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Frog CMS 0.9.5 Multiple CSRF Vulnerabilities

  Tags:  multiple cms frog csrf  

• July 05, 2010
• 1:00

  bbPress 1.0.2 [CSRF ] change admin password

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  bbPress 1.0.2 [CSRF ] change admin password

  Tags:  admin change csrf  

• July 03, 2010
• 1:00

  Xampp 1.7.3 CSRF and Password disclosure Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Xampp 1.7.3 CSRF and Password disclosure Vulnerability

  Tags:  password xampp csrf vulnerability disclosure  

• June 29, 2010
• 1:00

  Allomani - E-Store v1.0 - [CSRF] Add Admin Account

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Allomani - E-Store v1.0 - [CSRF] Add Admin Account

  Tags:  e-store allomani csrf  

• June 28, 2010
• 1:00

  CMSQlite & CMySQLite CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  CMSQlite & CMySQLite CSRF Vulnerability

  Tags:  csrf cmysqlite cmsqlite vulnerability  

• June 19, 2010
• 1:00

  WebsiteBaker 2.8.1 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  WebsiteBaker 2.8.1 CSRF Vulnerability

  Tags:  websitebaker vulnerability csrf  

• June 17, 2010
• 1:00

  Planet 1.1 - [CSRF] Add Admin Account

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Planet 1.1 - [CSRF] Add Admin Account

  Tags:  csrf  

• May 26, 2010
• 1:00

  RapidWareX v2.0.1 (WebUI) CSRF Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  RapidWareX v2.0.1 (WebUI) CSRF Exploit

  Tags:  webui rapidwarex csrf  

• May 21, 2010
• 10:00

  Bugtraq: XSRF (CSRF) in ocPortal

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in ocPortal

  Tags:  ocportal xsrf csrf  

• May 04, 2010
• 8:00

  Bugtraq: XSRF (CSRF) in eliteCMS

   » ‎ SecurityFocus Vulnerabilities
  XSRF (CSRF) in eliteCMS

  Tags:  xsrf csrf elitecms  

• April 27, 2010
• 1:00

  Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Boutique SudBox 1.2 Changer Login et Mot de Passe CSRF Vulnerability

  Tags:  sudbox mot changer csrf vulnerability  

• April 25, 2010
• 1:00

  TR Forum 1.5 insert admin CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  TR Forum 1.5 insert admin CSRF Vulnerability

  Tags:  vulnerability forum csrf tr-forum  

• April 20, 2010
• 16:00

  Bugtraq: CSRF in e107

   » ‎ SecurityFocus Vulnerabilities
  CSRF in e107

  Tags:  bugtraq csrf  

• April 18, 2010
• 1:00

  60cycleCMS V 2.5.3 CSRF Change Username & Password Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  60cycleCMS V 2.5.3 CSRF Change Username & Password Exploit

  Tags:  username cyclecms csrf  

• April 16, 2010
• 1:00

  60cycleCMS V 2.5.2 CSRF Change Username & Password Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  60cycleCMS V 2.5.2 CSRF Change Username & Password Exploit

  Tags:  username cyclecms csrf  

• April 03, 2010
• 1:00

  Edimax AR-7084GA Router CSRF + Persistent XSS Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Edimax AR-7084GA Router CSRF + Persistent XSS Exploit

  Tags:  exploit csrf edimax  

• April 02, 2010
• 1:00

  CMS Made Simple 1.7 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  CMS Made Simple 1.7 CSRF Vulnerability

  Tags:  simple made cms csrf simple-1 vulnerability  

• 1:00

  OSSIM 2.2.1 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  OSSIM 2.2.1 CSRF Vulnerability

  Tags:  vulnerability csrf ossim  

• 1:00

  68kb Knowledge Base v1.0.0rc3 edit main settings CSRF

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  68kb Knowledge Base v1.0.0rc3 edit main settings CSRF

  Tags:  csrf knowledge-base  

• 1:00

  68kb Knowledge Base v1.0.0rc3 admin CSRF

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  68kb Knowledge Base v1.0.0rc3 admin CSRF

  Tags:  knowledge csrf base knowledge-base  

• April 01, 2010
• 14:00

  Bugtraq: CSRF Vulnerability in OSSIM 2.2.1

   » ‎ SecurityFocus Vulnerabilities
  CSRF Vulnerability in OSSIM 2.2.1

  Tags:  vulnerability csrf ossim  

• March 20, 2010
• 3:00

  Multi CSRF vulnerability in DirectAdmin (1.34.4)

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Multi CSRF vulnerability in DirectAdmin (1.34.4)

  Tags:  vulnerability csrf multi  

• March 17, 2010
• 13:16

  Chilly CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Chilly CMS CSRF Vulnerability

  Tags:  chilly csrf cms vulnerability  

• March 16, 2010
• 13:00

  CSICE XSS and CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  CSICE XSS and CSRF Vulnerability

  Tags:  xss csice csrf vulnerability  

• 13:00

  chilly_CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  chilly_CMS CSRF Vulnerability

  Tags:  vulnerability csrf cms  

• 13:00

  Clain_TIger_CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Clain_TIger_CMS CSRF Vulnerability

  Tags:  tiger clain cms csrf vulnerability  

• March 12, 2010
• 9:01

  USN-911-1.txt

   » ‎ Packet Storm Security Advisories
  Ubuntu Security Notice 911-1 - It was discovered that several wiki actions and preference settings in MoinMoin were not protected from cross-site request forgery (CSRF). If an authenticated user were tricked into visiting a malicious website while logged into MoinMoin, a remote attacker could change the user's configuration or wiki content. It was discovered that MoinMoin did not properly sanitize its input when processing user preferences. An attacker could enter malicious content which when viewed by a user, could render in unexpected ways.

  Tags:  user wiki moinmoin malicious-website preference-settings csrf  

• 5:00

  Ane CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Ane CMS CSRF Vulnerability

  Tags:  csrf ane cms vulnerability  

• March 11, 2010
• 9:00

  Ane CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Ane CMS CSRF Vulnerability

  Tags:  csrf ane cms vulnerability  

• 5:00

  Campsite v3.3.5 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Campsite v3.3.5 CSRF Vulnerability

  Tags:  vulnerability campsite csrf  

• 5:00

  Anantasoft Gazelle CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Anantasoft Gazelle CMS CSRF Vulnerability

  Tags:  gazelle csrf cms vulnerability  

• March 10, 2010
• 11:00

  Anantasoft Gazelle CMS CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Anantasoft Gazelle CMS CSRF Vulnerability

  Tags:  gazelle csrf cms vulnerability  

• 6:00

  Campsite v3.3.5 CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Campsite v3.3.5 CSRF Vulnerability

  Tags:  vulnerability campsite csrf  

• February 25, 2010
• 21:14

  [Video] CSRF: Yeah, It Still Works

   » ‎ SecDocs
  Authors: Mike Bailey Russ McRee
  Tags: web application CSRF
  Event: DEFCON 17
  

  Tags:  video works csrf russ-mcree mike-bailey web-application  

• 21:14

  [Audio] CSRF: Yeah, It Still Works

   » ‎ SecDocs
  Authors: Mike Bailey Russ McRee
  Tags: web application CSRF
  Event: DEFCON 17
  

  Tags:  audio works csrf russ-mcree mike-bailey  

• 21:14

  [Slides] CSRF: Yeah, It Still Works

   » ‎ SecDocs
  Authors: Mike Bailey Russ McRee
  Tags: web application CSRF
  Event: DEFCON 17
  

  Tags:  authors works csrf russ-mcree mike-bailey web-application  

• February 23, 2010
• 14:00

  Tinypug CSRF Password Change

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Tinypug CSRF Password Change

  Tags:  tinypug password csrf  

• 10:00

  Softbiz Jobs CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Softbiz Jobs CSRF Vulnerability

  Tags:  softbiz csrf jobs vulnerability  

• 2:00

  cPanel Multiple CSRF Vulnerabilities

   » ‎ darkc0de
  cPanel Multiple CSRF Vulnerabilities

  Tags:  multiple csrf  

• February 22, 2010
• 8:00

  cPanel Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  cPanel Multiple CSRF Vulnerabilities

  Tags:  multiple csrf  

• February 20, 2010
• 7:00

  TimeClock CSRF Remote Add Admin Exploit

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  TimeClock CSRF Remote Add Admin Exploit

  Tags:  remote csrf timeclock  

• February 19, 2010
• 8:00

  phpAutoVideo CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  phpAutoVideo CSRF Vulnerability

  Tags:  phpautovideo vulnerability csrf  

• February 07, 2010
• 13:00

  KubeLance 1.7.6 (Add Admin) CSRF Vulnerability

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  KubeLance 1.7.6 (Add Admin) CSRF Vulnerability

  Tags:  admin kubelance csrf vulnerability  

• 13:00

  Croogo v1.2.1 Multiple CSRF Vulnerabilities

   » ‎ 1337day (was: Inj3ct0r, 1337db)
  Croogo v1.2.1 Multiple CSRF Vulnerabilities

  Tags:  multiple csrf croogo  

• February 02, 2010
• 9:00

  Bugtraq: OpenCart CSRF Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  OpenCart CSRF Vulnerability

  Tags:  vulnerability opencart csrf