jetlib.sec » Tags » forgery

Feeds

268045 items (2 unread) in 27 feeds

• 0day.today (was: 1337day, Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines (2 unread)
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

1537 items tagged "forgery"

Related tags: web applications [+], party plugin [+], injection [+], cubecart [+], vulnerability [+], site [+], template [+], subrion [+], third party [+], testlink [+], symantec [+], search version [+], redirection [+], photo search [+], osticket [+], messaging [+], gateway version [+], gateway [+], access [+], wall [+], search api [+], search [+], plus [+], photo [+], multiple [+], csrf [+], white label [+], white [+], tp link [+], td w [+], snare [+], simple 1 [+], simple [+], rsa [+], orangehrm [+], nexpose [+], netwitness [+], manageengine [+], linux [+], informer [+], console [+], confluence [+], casper [+], cross site scripting [+], zpanel [+], yourarcadescript [+], yealink [+], webid [+], web interface [+], way [+], vamcart [+], ultimate [+], topbar [+], time [+], text password [+], system [+], suite [+], spent [+], sofaware [+], snare for linux [+], sms [+], silverstripe [+], shopping cart [+], shopping [+], sexy [+], session cookies [+], security researchers [+], sciretech [+], sahifa [+], restful [+], remote shell [+], publisher [+], poor implementation [+], plugin version [+], phone [+], panes [+], opendocman [+], notices [+], netsweeper [+], ncentral [+], ncc group [+], n cross [+], n adsl [+], multiple users [+], multimedia manager [+], monitoring [+], modx [+], modem router [+], mdm [+], manager [+], link td w [+], letodms [+], jira [+], javascript execution [+], ip phone [+], insecure [+], inout [+], information disclosure [+], inclusion [+], ifobs [+], html requests [+], heartbeat [+], functionality [+], firmware versions [+], extra [+], disclosure [+], direct access [+], denial of service [+], default [+], cpanel [+], commerce [+], cmsqlite [+], checkpoint [+], cart cross [+], cart [+], bypass [+], bugtraq [+], booking system [+], booking [+], awcm [+], atlassian [+], article base [+], article [+], application [+], abuse [+], webapps [+], thunderbird [+], security vulnerabilities [+], seamonkey [+], mozilla firefox [+], mozilla [+], matthew joyce [+], firefox [+], day [+], api [+], cms [+], wordpress [+], sql injection [+], security [+], xss [+], xivo [+], xavi [+], video module [+], video [+], uri [+], tomcat [+], sonicwall [+], sonicos [+], server [+], sap [+], router [+], ross site [+], red hat [+], red [+], point [+], plugin [+], openshift [+], open [+], ocportal [+], netweaver [+], mspcentral [+], m0n0wall [+], link [+], liang [+], label [+], infosphere [+], information disclosure vulnerability [+], ibm [+], hat [+], guardium [+], ftp server [+], ftp [+], for [+], edge [+], dx contribute [+], dell [+], cve id [+], cve [+], concourseconnect [+], cerberus [+], cdn [+], apache tomcat [+], apache [+], adsl [+], administrative account [+], sql [+], security advisory [+], secunia [+], drupal [+], advisory [+], cross [+], request [+], web [+], vulnerabilities [+], realty [+], zxdsl, zte, zoph, zolsoft, zip, zimplit, zikula, zenprise, zenphoto, zen cart, zazavi, yourtube, xsrfleakage, xsrf, xmb, x7 chat, x versions, wrt54g, wp recaptcha, wolfcms, wolf cms, wolf, wlm, wishlist, wire, wikiwebhelp, widget, whmcs, whitepaper, whcms, websphere application server, websphere, websitebaker, website, webserver version, websense, webmanager pro, webmanager, webjaxe, weberp, webcalendar, web server, web security, watchdek, wag, visinia, viewer, video version, video site, video library, viart, version 6, version, vcalendar, vbulletin, vault, vam, vacation, utw, utm, ushahidi, useresponse, usebb, usa, url, uptime, uploader, upload, umi, u s robotics, typo, txt, trend micro interscan, trend, tree, traversal, travel portal, travel, traidnt, tplink, tomatocart, tom gallagher, tinypug, tinycms, timesheet, timeclock, tikiwiki, tiki wiki, tiger cms, ticket, thehostingtool, tgz, textpattern, tastydir, system 1, syndeocms, sybase, swat, suse manager, suse, support incident, super, suffers, subuser, submissions, store, stoneware, stable, ssrt, squirrelmail, sqlxsrf, sql ledger, spml, splunk, south korean, south, softbiz, socketmail, social networking, social, smoothwall express, smoothwall, smf, smartjobboard, sitecom, sit, singtel, simplemeta, simple machines, shoutcaststats, shop, shell, session management, session hijacking, session, serverscheck, server version, server admin, series, seopanel, selectapix, seditio, security bulletin, sdrf, scripting, script version, script, scribe, sap netweaver, santilga, samba swat, samba, sagem, safer use, ruubik, ruby on rails, ruby, roller, ripe, revolution, resource location, research, request system, reorder, rentals, rental, remote administrator, remote administration, released, recordpress, reboot, razorcms, rapidwarex, quotemanager, quicksilver, quick, pyrocms, pulse, ptk 1, ptk, psa, proof of concept, project forum, professional version, product catalog, product, preventing, preparing, pre, pragyan, ppc, power management, potential security vulnerability, post, portal script, portal, pommo, pollution, poll, poken, plumecms, pluck, plogger, pligg, planet, pixie, phplist, phpkf, phpgraphy, phpgallery, phpdug, phpcollab, phpbb, phpautovideo, phpalbum, php nuke, php, persian, performance, pdf, pbx, pbboard, path, password, paper, panel, pandora fms, pandora, package, pacific, owa, outlook web access, ossim, osfilemanager, organizer version, organizer, orbis, oracle database, oracle, openx, openwrt, openfire, opencart, onefilecms, onecms, onarcade, omnitouch, office server, office 1, office, number 6, nucleuscms, npds, nooms, node, ninkobb, ngenuity, news 4, news, new, networx, network management, netsaro, netbill, nagios, mysms, mylittleforum, mutare, musicshop, multimedia version, multimedia library, multimedia, movies, mosets, month, monstra, mojoportal, module versions, module, moderation, moaub, miniblog, micro, mevin, message board, message, mediawiki, mbean, marka, manager pro, management homepage, management, mambo, malicious code, malicious attacker, mail, mahara, magnolia, maestro, made, lovecms, lotus, log, liveupdate, litespeed, lite, listing, linksys wrt54gl router, linksys wrt54gl, linksys wag54gs, linksys, links, linkdirectory, link td , link directory, limny, limit, liferay, library version, lara xsrf, lara, laniuscms, lanius, kusaba, kubelance, kubeblog, korean, knowledge base, kleeja, kehorne, kaibb, joomla, jobs, jforum, jboss as deploying wars with the deploymentfilerepository mbean, jboss, jaow, isupport, ispot, ipn, introduction, interscan, interphoto, internetshop, internet filter, interface, instant, insight, incident, impersonation, immophp, images, image, idev, ibm websphere application server, ibm omnifind, hyperic, hycus, huawei, html, htb, hscart, hpsbma, hp system, hosting directory, hosting, home ftp, home, hierarchy, handler, guppy, grup, groupware, groupoffice, group, grafik, gpub, gpeasy, google, glpi, glassfish, genu, gazelle cms, gazelle, gateway router, gamesite, game, gallery 1, gallery, front, from, frog, friendly, freelancer, framework version, forum version, forum 1, forum, forkcms, folder creation, fms, flyspray, flexcms, fix, firmware, firewall, firebug, filter, filmis, file upload, file deletion, file, festos, feng, fcms, family, facebook, extreme, extplorer, exponent, exploit, evolution, event, esyndicat, enterprise server, enterprise manager, enterprise application, enterprise, engine, energine, endian, emembers, elitecms, electron, easy, e store, e mail, dynpage, drupal cms, dragonfly, dove, dotproject, dorg, docuwiki, docsis 3, docsis, dms easy, diy, discovery, directory version, directory traversal, directory, directadmin, digivendor, digital, digishop, digimall, digiebay, diferior, diafan, dflabs, device manager, device, development group, development, dev, deploymentfilerepository, denial, default administrator password, dcs, dclassifieds, database, dap, dalbum, d link, cyclecms xsrf, cycle, cvs, cute, cups, csice, cross site, croogo, couchdb, corelan, control performance, control panel 1, control, continuum, content, contaocms, concrete, concoursesuite, comtrend, communication suite, communication, comment, command execution, command, comersus, comcast, com, collabtive, code execution, code, cmysqlite, cmspro, cmsmadesimple xsrf, cmsmadesimple, cmsimple, cmscout, clips, clipbucket, clearspot, clear, classifieds, classic, clan, cisco wag, cisco linksys, cisco dpc, cisco, chuck willis tags, chuck willis, chmod, chillycms, chilly, cherokee, checker, chat, change administrator password, car portal, car, campsite, cambio, callisto, c01, byethost, buzz, businessdirectory, business, bugzilla, buffer overflow, brute force, browserid, brewblogger, brekeke, bptutors, book, boastmachine, blog, black hat, bkis, billing system, billing, bigace, beta cross, beta, bedita, basic, banner manager, banner, ban, balitbang, backdoor, axous, autosave, automatic, autohost, authentication, audio, atutor, aspcode, articledirectory, ariadne, argyle, archiva, application server, application platform, application framework, apc, ane, anantasoft, amethyst, alstrasoft, alpha cross, alpha, allomani, alfa 1, alfa, alegrocart, akismet, ajax, aiocp, agenda 2, agenda, affiliates, afaria, aeromail, advanced, adult video, adult, adspy, adsl router, adsl modems, administrator password, administrator, administrative password, admin privileges, admin password, addressbook, address, adaptcms, activecms, actitime, accounting 2, accounting, account, abysssec, abyss web server, abyss, abalonesoft, aardvark, a.m.y. cross, a.m.y, Topics, Support, Forums, Bugs, 2wire

• January 04, 2013
• 16:49

  Nexpose Security Console Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Nexpose Security Console versions prior to 5.5.3 suffer from multiple cross site request forgery vulnerabilities.

  Tags:  console nexpose security forgery  

• 16:49

  Nexpose Security Console Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Nexpose Security Console versions prior to 5.5.3 suffer from multiple cross site request forgery vulnerabilities.

  Tags:  console nexpose security forgery  

• 16:49

  Nexpose Security Console Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Nexpose Security Console versions prior to 5.5.3 suffer from multiple cross site request forgery vulnerabilities.

  Tags:  console nexpose security forgery  

• 7:00

  Bugtraq: CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF)

   » ‎ SecurityFocus Vulnerabilities
  CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF)

  Tags:  nexpose console security forgery cve  

• 2:11

  160By2 / Way2SMS Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  160By2.com and Way2SMS.com suffer from a cross site request forgery vulnerability.

  Tags:  sms cross way forgery vulnerability  

• 2:11

  160By2 / Way2SMS Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  160By2.com and Way2SMS.com suffer from a cross site request forgery vulnerability.

  Tags:  sms cross way forgery vulnerability  

• 2:11

  160By2 / Way2SMS Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  160By2.com and Way2SMS.com suffer from a cross site request forgery vulnerability.

  Tags:  sms cross way forgery vulnerability  

• January 02, 2013
• 15:01

  osTicket 1.6 ST CSRF / SQL Injection

   » ‎ Packet Storm Security Exploits
  osTicket version 1.6 stable suffers from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  osticket injection sql sql-injection csrf forgery  

• 15:01

  osTicket 1.7 RC2 CSRF / Disclosure / XSS / Redirect

   » ‎ Packet Storm Security Exploits
  osTicket version 1.7 RC2 suffers from cross site request forgery, cross site scripting, path disclosure, and open redirection vulnerabilities.

  Tags:  cross osticket disclosure cross-site-scripting forgery redirection  

• 15:01

  osTicket 1.7 RC2 CSRF / Disclosure / XSS / Redirect

   » ‎ Packet Storm Security Recent Files
  osTicket version 1.7 RC2 suffers from cross site request forgery, cross site scripting, path disclosure, and open redirection vulnerabilities.

  Tags:  cross osticket disclosure cross-site-scripting forgery redirection  

• 15:01

  osTicket 1.6 ST CSRF / SQL Injection

   » ‎ Packet Storm Security Recent Files
  osTicket version 1.6 stable suffers from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  osticket injection sql sql-injection csrf forgery  

• 15:01

  osTicket 1.7 RC2 CSRF / Disclosure / XSS / Redirect

   » ‎ Packet Storm Security Misc. Files
  osTicket version 1.7 RC2 suffers from cross site request forgery, cross site scripting, path disclosure, and open redirection vulnerabilities.

  Tags:  cross osticket disclosure cross-site-scripting forgery redirection  

• 15:01

  osTicket 1.6 ST CSRF / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  osTicket version 1.6 stable suffers from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  osticket injection sql sql-injection csrf forgery  

• January 01, 2013
• 11:01

  WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure

   » ‎ Packet Storm Security Exploits
  WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.

  Tags:  cross sahifa wordpress forgery  

• 11:01

  WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure

   » ‎ Packet Storm Security Recent Files
  WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.

  Tags:  cross sahifa wordpress forgery  

• 11:01

  WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure

   » ‎ Packet Storm Security Misc. Files
  WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.

  Tags:  cross sahifa wordpress forgery  

• 10:22

  e107 1.0.1 Administrator Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  e107 version 1.0.1 suffers from a cross site request forgery vulnerability that results in arbitrary javascript execution.

  Tags:  cross request site javascript-execution forgery vulnerability  

• 10:22

  e107 1.0.1 Administrator Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  e107 version 1.0.1 suffers from a cross site request forgery vulnerability that results in arbitrary javascript execution.

  Tags:  cross request site javascript-execution forgery vulnerability  

• 10:22

  e107 1.0.1 Administrator Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  e107 version 1.0.1 suffers from a cross site request forgery vulnerability that results in arbitrary javascript execution.

  Tags:  cross request site javascript-execution forgery vulnerability  

• 9:22

  CubeCart 5.x Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  CubeCart version 5.x suffers from a cross site request forgery vulnerability.

  Tags:  cross cubecart site forgery vulnerability  

• 9:22

  e107 1.0.2 Administrator Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  e107 version 1.0.2 suffers from a cross site request forgery vulnerability that results in SQL injection.

  Tags:  cross request site forgery vulnerability  

• 9:22

  e107 1.0.2 Administrator Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  e107 version 1.0.2 suffers from a cross site request forgery vulnerability that results in SQL injection.

  Tags:  cross request site forgery vulnerability  

• 9:22

  CubeCart 5.x Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  CubeCart version 5.x suffers from a cross site request forgery vulnerability.

  Tags:  cross cubecart site forgery vulnerability  

• 9:22

  e107 1.0.2 Administrator Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  e107 version 1.0.2 suffers from a cross site request forgery vulnerability that results in SQL injection.

  Tags:  cross request site forgery vulnerability  

• 9:22

  CubeCart 5.x Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  CubeCart version 5.x suffers from a cross site request forgery vulnerability.

  Tags:  cross cubecart site forgery vulnerability  

• 9:00

  Bugtraq: CubeCart 5.x | Cross Site Request Forgery (CSRF) Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  CubeCart 5.x | Cross Site Request Forgery (CSRF) Vulnerability

  Tags:  request cubecart site forgery bugtraq  

• December 30, 2012
• 3:11

  WordPress Photo Plus / Photo Search XSS / CSRF

   » ‎ Packet Storm Security Exploits
  WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  photo wordpress plus search-version photo-search forgery  

• 3:11

  WordPress Photo Plus / Photo Search XSS / CSRF

   » ‎ Packet Storm Security Exploits
  WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  photo wordpress plus search-version photo-search forgery  

• 3:11

  WordPress Photo Plus / Photo Search XSS / CSRF

   » ‎ Packet Storm Security Recent Files
  WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  search-version photo-search forgery  

• 3:11

  WordPress Photo Plus / Photo Search XSS / CSRF

   » ‎ Packet Storm Security Recent Files
  WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  photo wordpress plus search-version photo-search forgery  

• 3:11

  WordPress Photo Plus / Photo Search XSS / CSRF

   » ‎ Packet Storm Security Misc. Files
  WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  photo wordpress plus search-version photo-search forgery  

• 3:11

  WordPress Photo Plus / Photo Search XSS / CSRF

   » ‎ Packet Storm Security Misc. Files
  WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  photo wordpress plus search-version photo-search forgery  

• December 27, 2012
• 16:00

  ManageEngine MSPCentral Multiple Security Vulnerabilities

   » ‎ SecuriTeam
  ManageEngine MSPCentral is prone to the following multiple security vulnerabilities. 1. A cross-site scripting vulnerability 2. An HTML-injection vulnerability 3. A cross-site request-forgery vulnerability

  Tags:  manageengine vulnerability mspcentral security-vulnerabilities forgery  

• 11:00

  Bugtraq: Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Open-Realty CMS 3.x | Cross Site Request Forgery (CSRF) Vulnerability

  Tags:  realty site cms forgery vulnerability  

• December 26, 2012
• 23:17

  Secunia Security Advisory 51585

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Aung Khant has reported a vulnerability in Open-Realty, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 23:17

  Secunia Security Advisory 51585

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Aung Khant has reported a vulnerability in Open-Realty, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 16:00

  M0n0wall Multiple Cross Site Request Forgery Vulnerabilities

   » ‎ SecuriTeam
  m0n0wall is prone to multiple cross-site request-forgery vulnerabilities because it fails to properly validate POST requests.

  Tags:  wall cross multiple forgery m0n0wall  

• 4:12

  Open-Realty CMS 3.x Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Open-Realty CMS version 3.x suffers from a cross site request forgery vulnerability.

  Tags:  cross realty cms forgery vulnerability  

• 4:12

  Open-Realty CMS 3.x Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Open-Realty CMS version 3.x suffers from a cross site request forgery vulnerability.

  Tags:  cross realty cms forgery vulnerability  

• 4:12

  Open-Realty CMS 3.x Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Open-Realty CMS version 3.x suffers from a cross site request forgery vulnerability.

  Tags:  cross realty cms forgery vulnerability  

• 4:12

  Open-Realty CMS 3.x Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Open-Realty CMS version 3.x suffers from a cross site request forgery vulnerability.

  Tags:  cross realty cms forgery vulnerability  

• December 24, 2012
• 15:22

  CubeCart 4.4.6 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  CubeCart versions 4.4.6 and below suffer from a cross site request forgery vulnerability.

  Tags:  cross cubecart site forgery vulnerability  

• 15:22

  CubeCart 4.4.6 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  CubeCart versions 4.4.6 and below suffer from a cross site request forgery vulnerability.

  Tags:  cross cubecart site forgery vulnerability  

• 15:22

  CubeCart 4.4.6 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  CubeCart versions 4.4.6 and below suffer from a cross site request forgery vulnerability.

  Tags:  cross cubecart site forgery vulnerability  

• 15:00

  Bugtraq: CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  CubeCart 4.4.6 and lower | Cross Site Request Forgery (CSRF) Vulnerability

  Tags:  cross cubecart site forgery bugtraq  

• December 21, 2012
• 15:44

  YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials

   » ‎ Packet Storm Security Exploits
  YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.

  Tags:  yealink phone default firmware-versions ip-phone forgery  

• 15:44

  YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials

   » ‎ Packet Storm Security Recent Files
  YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.

  Tags:  yealink phone default firmware-versions ip-phone forgery  

• 15:44

  YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials

   » ‎ Packet Storm Security Misc. Files
  YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.

  Tags:  yealink phone default firmware-versions ip-phone forgery  

• December 20, 2012
• 16:00

  ConcourseConnect HTML Injection and Cross Site Request Forgery Vulnerabilities

   » ‎ SecuriTeam
  ConcourseConnect is prone to multiple HTML-injection vulnerabilities and a cross-site request forgery vulnerability.

  Tags:  forgery concourseconnect request vulnerability  

• 16:00

  Red Hat OpenShift Enterprise Cross Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  Red Hat OpenShift Enterprise is prone to a cross-site request-forgery vulnerability.

  Tags:  openshift hat red forgery vulnerability red-hat  

• 0:00

  Vuln: Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4205 Cross-Site Request Forgery Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4205 Cross-Site Request Forgery Vulnerability

  Tags:  mozilla firefox thunderbird mozilla-firefox seamonkey forgery  

• December 19, 2012
• 16:00

  Apache Tomcat Cross-Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  Apache Tomcat is prone to a cross-site request forgery vulnerability.

  Tags:  request tomcat apache apache-tomcat forgery vulnerability  

• 0:00

  Vuln: Dell SonicWALL SonicOS Cross-Site Request Forgery Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Dell SonicWALL SonicOS Cross-Site Request Forgery Vulnerability

  Tags:  sonicwall sonicos site dell forgery vulnerability  

• December 16, 2012
• 16:00

  Check Point UTM-1 Edge and Safe Multiple Security Vulnerabilities Updated

   » ‎ SecuriTeam
  Check Point UTM-1 Edge and Safe are prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities 2. Multiple HTML-injection vulnerabilities 3. Multiple cross-site request forgery vulnerabilities 4. Multiple URI-redirection vulnerabilities 5. An information-disclosure vulnerability

  Tags:  point multiple edge uri information-disclosure-vulnerability security-vulnerabilities forgery  

• December 11, 2012
• 16:00

  XiVO Cross-Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  XiVO is prone to a cross-site request-forgery vulnerability.

  Tags:  xivo cross vulnerability forgery  

• December 10, 2012
• 15:23

  Snare For Linux Cross Site Request Forgery

   » ‎ Packet Storm Security Advisories
  Snare for Linux suffers from a cross site request forgery vulnerability due to a poor implementation of the ChToken. All versions prior to 1.7.0 are vulnerable.

  Tags:  cross snare linux snare-for-linux poor-implementation forgery  

• 15:23

  Snare For Linux Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Snare for Linux suffers from a cross site request forgery vulnerability due to a poor implementation of the ChToken. All versions prior to 1.7.0 are vulnerable.

  Tags:  cross snare linux snare-for-linux poor-implementation forgery  

• 15:23

  Snare For Linux Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Snare for Linux suffers from a cross site request forgery vulnerability due to a poor implementation of the ChToken. All versions prior to 1.7.0 are vulnerable.

  Tags:  cross snare linux snare-for-linux poor-implementation forgery  

• 12:00

  Bugtraq: Snare for Linux Cross-Site Request Forgery

   » ‎ SecurityFocus Vulnerabilities
  Snare for Linux Cross-Site Request Forgery

  Tags:  for snare site forgery linux  

• December 06, 2012
• 23:30

  [web applications] - m0n0wall 1.33 Cross Site Request Forgery Vulnerability

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [web applications] - m0n0wall 1.33 Cross Site Request Forgery Vulnerability

  Tags:  wall cross web forgery web-applications vulnerability  

• 15:22

  m0n0wall 1.33 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  m0n0wall version 1.33 suffers from a cross site request forgery vulnerability that can allow for remote root access to the system.

  Tags:  wall cross site forgery vulnerability  

• 15:22

  m0n0wall 1.33 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  m0n0wall version 1.33 suffers from a cross site request forgery vulnerability that can allow for remote root access to the system.

  Tags:  wall cross site forgery vulnerability  

• 15:22

  m0n0wall 1.33 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  m0n0wall version 1.33 suffers from a cross site request forgery vulnerability that can allow for remote root access to the system.

  Tags:  wall cross site forgery vulnerability  

• December 04, 2012
• 10:22

  ManageEngine MSPCentral 9 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  ManageEngine MSPCentral version 9 suffers from cross site request forgery, insecure session cookies, and cross site scripting vulnerabilities.

  Tags:  cross manageengine site cross-site-scripting forgery session-cookies  

• 10:22

  ManageEngine MSPCentral 9 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  ManageEngine MSPCentral version 9 suffers from cross site request forgery, insecure session cookies, and cross site scripting vulnerabilities.

  Tags:  cross manageengine site cross-site-scripting forgery session-cookies  

• 10:22

  ManageEngine MSPCentral 9 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  ManageEngine MSPCentral version 9 suffers from cross site request forgery, insecure session cookies, and cross site scripting vulnerabilities.

  Tags:  cross manageengine site cross-site-scripting forgery session-cookies  

• December 03, 2012
• 21:00

  Secunia Security Advisory 51483

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Two vulnerabilities have been reported in RSA NetWitness Informer, which can be exploited by malicious people to conduct click-jacking and cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 19:11

  Secunia Security Advisory 51142

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Matthew Joyce has discovered multiple vulnerabilities in ConcourseConnect, which can be exploited by malicious people to conduct script insertion and cross-site request forgery attacks.

  Tags:  advisory secunia security matthew-joyce security-advisory forgery  

• 19:11

  Secunia Security Advisory 51503

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Matthew Joyce has discovered multiple vulnerabilities in ConcourseConnect, which can be exploited by malicious people to conduct script insertion and cross-site request forgery attacks.

  Tags:  advisory secunia security matthew-joyce security-advisory forgery  

• 15:37

  RSA NetWitness Informer Cross-Site Request Forgery / Clickjacking

   » ‎ Packet Storm Security Advisories
  RSA NetWitness Informer web interface is susceptible to cross-site request forgery and click-jacking vulnerabilities. These vulnerabilities could be potentially exploited by malicious people by tricking an authenticated user to click on specially-crafted links. This may lead to execution of malicious html requests or scripts in the context of the authenticated user.

  Tags:  informer rsa netwitness html-requests web-interface forgery  

• 15:37

  RSA NetWitness Informer Cross-Site Request Forgery / Clickjacking

   » ‎ Packet Storm Security Recent Files
  RSA NetWitness Informer web interface is susceptible to cross-site request forgery and click-jacking vulnerabilities. These vulnerabilities could be potentially exploited by malicious people by tricking an authenticated user to click on specially-crafted links. This may lead to execution of malicious html requests or scripts in the context of the authenticated user.

  Tags:  informer rsa netwitness html-requests web-interface forgery  

• 15:37

  RSA NetWitness Informer Cross-Site Request Forgery / Clickjacking

   » ‎ Packet Storm Security Misc. Files
  RSA NetWitness Informer web interface is susceptible to cross-site request forgery and click-jacking vulnerabilities. These vulnerabilities could be potentially exploited by malicious people by tricking an authenticated user to click on specially-crafted links. This may lead to execution of malicious html requests or scripts in the context of the authenticated user.

  Tags:  informer rsa netwitness html-requests web-interface forgery  

• 10:01

  Bugtraq: ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ESA-2012-052 RSA NetWitness Informer Cross-Site Request Forgery and Click-jacking Vulnerabilities

  Tags:  informer rsa netwitness forgery  

• 0:00

  Vuln: Symantec Messaging Gateway CVE-2012-0308 Cross Site Request Forgery Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Symantec Messaging Gateway CVE-2012-0308 Cross Site Request Forgery Vulnerability

  Tags:  gateway symantec messaging forgery vulnerability  

• December 02, 2012
• 16:00

  SAP Netweaver Cross Site Scripting and Cross Site Request Forgery Vulnerabilities

   » ‎ SecuriTeam
  SAP Netweaver is prone to a cross-site scripting vulnerability and a cross-site request-forgery vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  cross netweaver sap cross-site-scripting forgery vulnerability  

• 16:00

  WordPress DX-Contribute Plugin Cross Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  The DX-Contribute plugin for WordPress is prone to a cross-site request-forgery vulnerability because the application fails to properly validate HTTP requests.

  Tags:  plugin wordpress dx-contribute forgery vulnerability  

• December 01, 2012
• 6:44

  Ncentral 8.x Insecure Access / Unsalted Passwords / CSRF

   » ‎ Packet Storm Security Exploits
  Ncentral versions 8.0.x through 8.2.0-1152 suffer from insecure SOAP access that leads to an unprivileged SSH session, poor trust based authentication leading to database compromise, plain text password storage, cross site request forgery, and other vulnerabilities.

  Tags:  insecure access ncentral text-password forgery vulnerabilities  

• 6:44

  Ncentral 8.x Insecure Access / Unsalted Passwords / CSRF

   » ‎ Packet Storm Security Recent Files
  Ncentral versions 8.0.x through 8.2.0-1152 suffer from insecure SOAP access that leads to an unprivileged SSH session, poor trust based authentication leading to database compromise, plain text password storage, cross site request forgery, and other vulnerabilities.

  Tags:  insecure access ncentral text-password forgery vulnerabilities  

• 6:44

  Ncentral 8.x Insecure Access / Unsalted Passwords / CSRF

   » ‎ Packet Storm Security Misc. Files
  Ncentral versions 8.0.x through 8.2.0-1152 suffer from insecure SOAP access that leads to an unprivileged SSH session, poor trust based authentication leading to database compromise, plain text password storage, cross site request forgery, and other vulnerabilities.

  Tags:  insecure access ncentral text-password forgery vulnerabilities  

• 3:11

  Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability.

  Tags:  gateway symantec messaging gateway-version forgery  

• 3:11

  Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability.

  Tags:  gateway symantec messaging gateway-version forgery  

• 3:11

  Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability.

  Tags:  gateway symantec messaging gateway-version forgery  

• November 29, 2012
• 20:47

  SilverStripe CMS 3.0.2 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  SilverStripe version 3.0.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross silverstripe site cross-site-scripting forgery cms  

• 20:47

  SilverStripe CMS 3.0.2 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  SilverStripe version 3.0.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross silverstripe site cross-site-scripting forgery cms  

• 20:47

  SilverStripe CMS 3.0.2 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  SilverStripe version 3.0.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross silverstripe site cross-site-scripting forgery cms  

• 3:33

  MODx 1.0.6 XSS / Abuse Functionality / Denial Of Service

   » ‎ Packet Storm Security Exploits
  MODx versions 1.0.6 and below suffer from cross site request forgery, abuse of functionality, and denial of service vulnerabilities.

  Tags:  abuse functionality modx denial-of-service forgery vulnerabilities  

• 3:33

  MODx 1.0.6 XSS / Abuse Functionality / Denial Of Service

   » ‎ Packet Storm Security Recent Files
  MODx versions 1.0.6 and below suffer from cross site request forgery, abuse of functionality, and denial of service vulnerabilities.

  Tags:  abuse functionality modx denial-of-service forgery vulnerabilities  

• 3:33

  MODx 1.0.6 XSS / Abuse Functionality / Denial Of Service

   » ‎ Packet Storm Security Misc. Files
  MODx versions 1.0.6 and below suffer from cross site request forgery, abuse of functionality, and denial of service vulnerabilities.

  Tags:  abuse functionality modx denial-of-service forgery vulnerabilities  

• November 27, 2012
• 16:00

  Drupal Search API Module Cross Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  The Search API module for Drupal is prone to a cross-site request-forgery vulnerability.

  Tags:  drupal search api search-api forgery vulnerability  

• November 26, 2012
• 22:39

  Secunia Security Advisory 51415

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - High-Tech Bridge has discovered some vulnerabilities in Smartphone Pentest Framework, which can be exploited by malicious people to conduct cross-site request forgery attacks and compromise a vulnerable system.

  Tags:  advisory secunia security security-advisory forgery  

• 0:00

  Vuln: Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4205 Cross-Site Request Forgery Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Mozilla Firefox/Thunderbird/SeaMonkey CVE-2012-4205 Cross-Site Request Forgery Vulnerability

  Tags:  mozilla firefox thunderbird mozilla-firefox seamonkey forgery  

• November 23, 2012
• 0:00

  Vuln: Drupal Search API Module Cross Site Request Forgery Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Drupal Search API Module Cross Site Request Forgery Vulnerability

  Tags:  drupal search api search-api forgery vulnerability  

• November 19, 2012
• 16:00

  Open-Realty CMS Cross Site Request Forgery (CSRF) Vulnerability

   » ‎ SecuriTeam
  Open-Realty 2.5.8 and lower versions are vulnerable to Cross Site Request Forgery vulnerability

  Tags:  cross realty site forgery vulnerability cms  

• November 18, 2012
• 9:22

  WeBid 1.0.5 CSRF / Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Ingress Security researchers have found cross site request forgery and cross site scripting vulnerabilities in WeBid versions 1.0.5 and below.

  Tags:  cross webid site security-researchers forgery vulnerabilities  

• 9:22

  WeBid 1.0.5 CSRF / Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Ingress Security researchers have found cross site request forgery and cross site scripting vulnerabilities in WeBid versions 1.0.5 and below.

  Tags:  cross webid site security-researchers forgery vulnerabilities  

• 9:22

  WeBid 1.0.5 CSRF / Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Ingress Security researchers have found cross site request forgery and cross site scripting vulnerabilities in WeBid versions 1.0.5 and below.

  Tags:  cross webid site security-researchers forgery vulnerabilities  

• November 17, 2012
• 1:31

  [web applications] - Open-Realty 2.5.8 Cross Site Request Forgery Vulnerability

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [web applications] - Open-Realty 2.5.8 Cross Site Request Forgery Vulnerability

  Tags:  web realty open forgery web-applications vulnerability  

• November 16, 2012
• 15:10

  Open-Realty 2.5.8 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Open-Realty versions 2.5.8 and below suffer from a cross site request forgery vulnerability.

  Tags:  cross realty site forgery vulnerability  

• 15:10

  Open-Realty 2.5.8 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Open-Realty versions 2.5.8 and below suffer from a cross site request forgery vulnerability.

  Tags:  cross realty site forgery vulnerability  

• 15:10

  Open-Realty 2.5.8 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Open-Realty versions 2.5.8 and below suffer from a cross site request forgery vulnerability.

  Tags:  cross realty site forgery vulnerability  

• November 15, 2012
• 3:04

  Secunia Security Advisory 51272

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in the RESTful Web Services module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• November 14, 2012
• 18:24

  Drupal RESTful Web Services 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Advisories
  Drupal RESTful Web Services third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  drupal web restful forgery vulnerability third-party  

• 18:24

  Drupal RESTful Web Services 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Drupal RESTful Web Services third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  drupal web restful forgery vulnerability third-party  

• 18:24

  Drupal RESTful Web Services 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Drupal RESTful Web Services third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  drupal web restful forgery vulnerability third-party  

• November 13, 2012
• 22:05

  Secunia Security Advisory 51082

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - Zhao Liang has discovered a vulnerability in the DX-Contribute plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security liang security-advisory forgery  

• November 11, 2012
• 16:00

  CMS Made Simple Cross-Site Request Forgery (CSRF) Vulnerability

   » ‎ SecuriTeam
  CMS Made Simple is prone to a Cross-Site Request Forgery (CSRF) Vulnerability.

  Tags:  site simple cms forgery vulnerability  

• November 08, 2012
• 15:39

  AWCM 2.2 Access Bypass

   » ‎ Packet Storm Security Exploits
  AWCM version 2.2 appears to suffer from cookie forgery and direct access vulnerabilities.

  Tags:  access awcm bypass forgery direct-access  

• 15:39

  AWCM 2.2 Access Bypass

   » ‎ Packet Storm Security Recent Files
  AWCM version 2.2 appears to suffer from cookie forgery and direct access vulnerabilities.

  Tags:  access awcm bypass forgery direct-access  

• 15:39

  AWCM 2.2 Access Bypass

   » ‎ Packet Storm Security Misc. Files
  AWCM version 2.2 appears to suffer from cookie forgery and direct access vulnerabilities.

  Tags:  access awcm bypass forgery direct-access  

• November 07, 2012
• 23:54

  [web applications] - CMS Made Simple 1.11.2 Cross Site Request Forgery Vulnerability

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [web applications] - CMS Made Simple 1.11.2 Cross Site Request Forgery Vulnerability

  Tags:  web application cms simple-1 forgery web-applications  

• 16:25

  CMS Made Simple 1.11.2 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  CMS Made Simple version 1.11.2 suffers from a cross site request forgery vulnerability.

  Tags:  cross simple cms simple-1 forgery vulnerability  

• 16:25

  CMS Made Simple 1.11.2 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  CMS Made Simple version 1.11.2 suffers from a cross site request forgery vulnerability.

  Tags:  cross simple cms simple-1 forgery vulnerability  

• 16:25

  CMS Made Simple 1.11.2 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  CMS Made Simple version 1.11.2 suffers from a cross site request forgery vulnerability.

  Tags:  cross simple cms simple-1 forgery vulnerability  

• 8:00

  Bugtraq: Cross-Site Request Forgery (CSRF) in CMS Made Simple

   » ‎ SecurityFocus Vulnerabilities
  Cross-Site Request Forgery (CSRF) in CMS Made Simple

  Tags:  request csrf site forgery cms  

• November 06, 2012
• 23:12

  [web applications] - OrangeHRM 2.7.1-rc.1 Cross Site Request Forgery / SQL Injection Vulnerabilities

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [web applications] - OrangeHRM 2.7.1-rc.1 Cross Site Request Forgery / SQL Injection Vulnerabilities

  Tags:  cross web orangehrm forgery web-applications  

• 20:28

  Secunia Security Advisory 51185

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - High-Tech Bridge has discovered a vulnerability in CMS Made Simple, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 18:29

  OrangeHRM 2.7.1-rc.1 Cross Site Request Forgery / SQL Injection

   » ‎ Packet Storm Security Exploits
  OrangeHRM version 2.7.1-rc.1 suffers from cross site request forgery and remote SQL injection vulnerabilities.

  Tags:  cross orangehrm site forgery  

• 18:29

  OrangeHRM 2.7.1-rc.1 Cross Site Request Forgery / SQL Injection

   » ‎ Packet Storm Security Recent Files
  OrangeHRM version 2.7.1-rc.1 suffers from cross site request forgery and remote SQL injection vulnerabilities.

  Tags:  cross orangehrm site forgery  

• 18:29

  OrangeHRM 2.7.1-rc.1 Cross Site Request Forgery / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  OrangeHRM version 2.7.1-rc.1 suffers from cross site request forgery and remote SQL injection vulnerabilities.

  Tags:  cross orangehrm site forgery  

• November 05, 2012
• 7:44

  ZPanel 10.0.1 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Exploits
  ZPanel versions 10.0.1 and below suffer from cross site request forgery, cross site scripting, password reset, and remote SQL injection vulnerabilities.

  Tags:  cross zpanel site sql-injection cross-site-scripting forgery  

• 7:44

  ZPanel 10.0.1 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Recent Files
  ZPanel versions 10.0.1 and below suffer from cross site request forgery, cross site scripting, password reset, and remote SQL injection vulnerabilities.

  Tags:  cross zpanel site sql-injection cross-site-scripting forgery  

• 7:44

  ZPanel 10.0.1 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  ZPanel versions 10.0.1 and below suffer from cross site request forgery, cross site scripting, password reset, and remote SQL injection vulnerabilities.

  Tags:  cross zpanel site sql-injection cross-site-scripting forgery  

• November 02, 2012
• 13:22

  CheckPoint/Sofaware Firewall XSS / CSRF / Redirection / Disclosure

   » ‎ Packet Storm Security Exploits
  CheckPoint/Sofaware firewalls suffer from redirection, cross site request forgery, cross site scripting, and information disclosure vulnerabilities.

  Tags:  checkpoint sofaware redirection information-disclosure cross-site-scripting forgery  

• 13:22

  CheckPoint/Sofaware Firewall XSS / CSRF / Redirection / Disclosure

   » ‎ Packet Storm Security Recent Files
  CheckPoint/Sofaware firewalls suffer from redirection, cross site request forgery, cross site scripting, and information disclosure vulnerabilities.

  Tags:  checkpoint sofaware redirection information-disclosure cross-site-scripting forgery  

• 13:22

  CheckPoint/Sofaware Firewall XSS / CSRF / Redirection / Disclosure

   » ‎ Packet Storm Security Misc. Files
  CheckPoint/Sofaware firewalls suffer from redirection, cross site request forgery, cross site scripting, and information disclosure vulnerabilities.

  Tags:  checkpoint sofaware redirection information-disclosure cross-site-scripting forgery  

• October 27, 2012
• 17:00

  WordPress White Label CMS Plugin HTML Injection and Cross Site Request Forgery Vulnerabilities

   » ‎ SecuriTeam
  White Label CMS plugin for WordPress is prone to an HTML-injection vulnerability and a cross-site request-forgery vulnerability because it fails to properly sanitize user-supplied input.

  Tags:  label wordpress white white-label forgery vulnerability  

• October 25, 2012
• 8:31

  Drupal Time Spent 6.x / 7.x XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Advisories
  Drupal Time Spent third party module versions 6.x and 7.x suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  spent drupal time cross-site-scripting sql-injection forgery  

• 8:31

  Drupal Time Spent 6.x / 7.x XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Recent Files
  Drupal Time Spent third party module versions 6.x and 7.x suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  spent drupal time cross-site-scripting sql-injection forgery  

• 8:31

  Drupal Time Spent 6.x / 7.x XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Drupal Time Spent third party module versions 6.x and 7.x suffer from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  spent drupal time cross-site-scripting sql-injection forgery  

• 8:03

  Inout Article Base Ultimate SQL Injection / CSRF

   » ‎ Packet Storm Security Exploits
  Inout Article Base Ultimate versions prior to 2 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  inout sql ultimate article-base sql-injection forgery  

• 8:03

  Inout Article Base Ultimate SQL Injection / CSRF

   » ‎ Packet Storm Security Recent Files
  Inout Article Base Ultimate versions prior to 2 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  inout sql ultimate article-base sql-injection forgery  

• 8:03

  Inout Article Base Ultimate SQL Injection / CSRF

   » ‎ Packet Storm Security Misc. Files
  Inout Article Base Ultimate versions prior to 2 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  inout sql ultimate article-base sql-injection forgery  

• October 23, 2012
• 17:00

  Xavi 7968 ADSL Router Multiple Remote Vulnerabilities

   » ‎ SecuriTeam
  Xavi 7968 ADSL Router is prone to cross-site scripting, HTML-injection and cross-site request forgery vulnerabilities.

  Tags:  router adsl xavi forgery vulnerabilities  

• October 22, 2012
• 5:11

  cPanel Pro 11.32.5.11 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  cPanel Pro version 11.32.5.11 suffers from multiple cross site request forgery vulnerabilities.

  Tags:  cross site cpanel forgery  

• 5:11

  cPanel Pro 11.32.5.11 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  cPanel Pro version 11.32.5.11 suffers from multiple cross site request forgery vulnerabilities.

  Tags:  cross site cpanel forgery  

• 5:11

  cPanel Pro 11.32.5.11 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  cPanel Pro version 11.32.5.11 suffers from multiple cross site request forgery vulnerabilities.

  Tags:  cross site cpanel forgery  

• 4:11

  White Label CMS 1.5 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  White Label CMS version 1.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross site white white-label cross-site-scripting forgery  

• 4:11

  White Label CMS 1.5 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  White Label CMS version 1.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross site white white-label cross-site-scripting forgery  

• 4:11

  White Label CMS 1.5 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  White Label CMS version 1.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross site white white-label cross-site-scripting forgery  

• October 19, 2012
• 17:49

  CMSQLITE 1.3.2 LFI / XSS / Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  CMSQLITE version 1.3.2 suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.

  Tags:  cross site cmsqlite cross-site-scripting forgery inclusion  

• 17:49

  CMSQLITE 1.3.2 LFI / XSS / Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  CMSQLITE version 1.3.2 suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.

  Tags:  cross site cmsqlite cross-site-scripting forgery inclusion  

• 17:49

  CMSQLITE 1.3.2 LFI / XSS / Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  CMSQLITE version 1.3.2 suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.

  Tags:  cross site cmsqlite cross-site-scripting forgery inclusion  

• 17:00

  Subrion CMS SQL Injection , Cross-Site Scripting and Cross-Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  Multiple vulnerabilities have been found in Subrion CMS, which can be exploited to perform Cross-Site Scripting (XSS), SQL Injection and ross-Site Request Forgery (CSRF) attacks.

  Tags:  site subrion cms sql-injection cross-site-scripting forgery  

• 17:00

  Template CMS Cross-Site Scripting and Cross-Site Request Forgery Vulnerability

   » ‎ SecuriTeam
  Multiple vulnerabilities have been found in Template CMS, which can be exploited to perform Cross-Site Scripting (XSS) and ross-Site Request Forgery (CSRF) attacks.

  Tags:  template site cms cross-site-scripting forgery xss  

• October 18, 2012
• 14:51

  Drupal Search API 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Advisories
  Drupal Search third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  cross drupal search search-api forgery vulnerability  

• 14:51

  Drupal Search API 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Drupal Search third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  cross drupal search search-api forgery vulnerability  

• 14:51

  Drupal Search API 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Drupal Search third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  cross drupal search search-api forgery vulnerability  

• October 17, 2012
• 23:55

  Subrion CMS 2.2.1 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Exploits
  Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  sql subrion cms cross-site-scripting sql-injection forgery  

• 23:55

  Subrion CMS 2.2.1 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Recent Files
  Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  sql subrion cms cross-site-scripting sql-injection forgery  

• 23:55

  Subrion CMS 2.2.1 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  sql subrion cms cross-site-scripting sql-injection forgery  

• October 11, 2012
• 20:38

  Secunia Security Advisory 50908

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been discovered in ServersCheck Monitoring Software, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• October 07, 2012
• 11:22

  YourArcadeScript 2.4 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  YourArcadeScript version 2.4 suffers from a cross site request forgery vulnerability.

  Tags:  cross site yourarcadescript forgery vulnerability  

• 11:22

  YourArcadeScript 2.4 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  YourArcadeScript version 2.4 suffers from a cross site request forgery vulnerability.

  Tags:  cross site yourarcadescript forgery vulnerability  

• 11:22

  YourArcadeScript 2.4 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  YourArcadeScript version 2.4 suffers from a cross site request forgery vulnerability.

  Tags:  cross site yourarcadescript forgery vulnerability  

• October 04, 2012
• 14:00

  [Web applications] - Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [Web applications] - Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting

  Tags:  cross-site-scripting forgery web-applications  

• 0:00

  Vuln: Cerberus FTP Server CVE-2012-2999 Cross Site Request Forgery Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  Cerberus FTP Server CVE-2012-2999 Cross Site Request Forgery Vulnerability

  Tags:  server ftp cerberus forgery ftp-server vulnerability  

• October 03, 2012
• 16:51

  Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  Template CMS version 2.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross template site cross-site-scripting forgery cms  

• 16:51

  Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  Template CMS version 2.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross template site cross-site-scripting forgery cms  

• 16:51

  Template CMS 2.1.1 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  Template CMS version 2.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross template site cross-site-scripting forgery cms  

• 16:02

  Drupal Commerce Extra Panes 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Advisories
  Drupal Commerce Extra Panes third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  commerce drupal extra panes forgery  

• 16:02

  Drupal Commerce Extra Panes 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Drupal Commerce Extra Panes third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  commerce drupal extra panes forgery  

• 16:02

  Drupal Commerce Extra Panes 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Drupal Commerce Extra Panes third party module version 7.x suffers from a cross site request forgery vulnerability.

  Tags:  commerce drupal extra panes forgery  

• 14:00

  [Web applications] - TP-LINK TD-W8151N Cross Site Request Forgery

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [Web applications] - TP-LINK TD-W8151N Cross Site Request Forgery

  Tags:  tp-link td-w application link forgery web-applications  

• October 02, 2012
• 16:48

  TP-LINK TD-W8151N Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  TP-LINK TD-W8151N 150Mbps wireless N ADSL+2 modem router suffers from a cross site request forgery vulnerability.

  Tags:  tp-link site td-w link-td-w n-cross n-adsl modem-router forgery vulnerability  

• 16:48

  TP-LINK TD-W8151N Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  TP-LINK TD-W8151N 150Mbps wireless N ADSL+2 modem router suffers from a cross site request forgery vulnerability.

  Tags:  tp-link site td-w link-td-w n-cross n-adsl modem-router forgery vulnerability  

• 16:48

  TP-LINK TD-W8151N Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  TP-LINK TD-W8151N 150Mbps wireless N ADSL+2 modem router suffers from a cross site request forgery vulnerability.

  Tags:  tp-link site td-w link-td-w n-cross n-adsl modem-router forgery vulnerability  

• September 30, 2012
• 18:49

  Secunia Security Advisory 50789

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in Rational Team Concert, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• September 27, 2012
• 17:01

  JAMF Casper Suite MDM Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  JAMF Casper Suite MDM suffers from a cross site request forgery vulnerability.

  Tags:  cross mdm suite casper forgery vulnerability  

• 17:01

  JAMF Casper Suite MDM Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  JAMF Casper Suite MDM suffers from a cross site request forgery vulnerability.

  Tags:  cross mdm suite casper forgery vulnerability  

• 17:01

  JAMF Casper Suite MDM Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  JAMF Casper Suite MDM suffers from a cross site request forgery vulnerability.

  Tags:  cross mdm suite casper forgery vulnerability  

• September 26, 2012
• 4:13

  Secunia Security Advisory 50741

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in Cerberus FTP Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 4:13

  Secunia Security Advisory 50714

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in JAMF Casper Suite, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security casper security-advisory forgery  

• September 25, 2012
• 14:00

  [web applications] - IFOBS Cross Site Request Forgery / Cross Site Scripting Vulnerability

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [web applications] - IFOBS Cross Site Request Forgery / Cross Site Scripting Vulnerability

  Tags:  cross web site cross-site-scripting forgery web-applications  

• September 24, 2012
• 23:35

  Atlassian Confluence 3.0 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Atlassian Confluence version 3.0 suffers from multiple cross site request forgery vulnerabilities. The vendor has decided not to fix these issues.

  Tags:  confluence cross atlassian forgery  

• 23:35

  Atlassian Confluence 3.0 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Atlassian Confluence version 3.0 suffers from multiple cross site request forgery vulnerabilities. The vendor has decided not to fix these issues.

  Tags:  confluence cross atlassian forgery  

• 23:35

  Atlassian Confluence 3.0 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Atlassian Confluence version 3.0 suffers from multiple cross site request forgery vulnerabilities. The vendor has decided not to fix these issues.

  Tags:  confluence cross atlassian forgery  

• 10:22

  IFOBS Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  IFOBS suffers from cross site scripting and cross site request forgery vulnerabilities.

  Tags:  cross ifobs site cross-site-scripting forgery  

• 10:22

  IFOBS Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  IFOBS suffers from cross site scripting and cross site request forgery vulnerabilities.

  Tags:  cross ifobs site cross-site-scripting forgery  

• 10:22

  IFOBS Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  IFOBS suffers from cross site scripting and cross site request forgery vulnerabilities.

  Tags:  cross ifobs site cross-site-scripting forgery  

• 9:00

  Bugtraq: [CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  [CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities

  Tags:  confluence request cve-id forgery  

• September 23, 2012
• 21:14

  Secunia Security Advisory 50717

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been discovered in the Notices Ticker Plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• September 22, 2012
• 14:00

  [web applications] - WordPress 3.4.2 Cross Site Request Forgery

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [web applications] - WordPress 3.4.2 Cross Site Request Forgery

  Tags:  cross web application forgery web-applications  

• September 21, 2012
• 23:06

  WordPress Sexy Add Template CSRF Shell Upload

   » ‎ Packet Storm Security Exploits
  WordPress Sexy Add Template third party plugin suffers from a cross site request forgery vulnerability that can allow for a remote shell upload.

  Tags:  wordpress template sexy remote-shell party-plugin forgery  

• 23:06

  WordPress Sexy Add Template CSRF Shell Upload

   » ‎ Packet Storm Security Recent Files
  WordPress Sexy Add Template third party plugin suffers from a cross site request forgery vulnerability that can allow for a remote shell upload.

  Tags:  wordpress template sexy remote-shell party-plugin forgery  

• 23:06

  WordPress Sexy Add Template CSRF Shell Upload

   » ‎ Packet Storm Security Misc. Files
  WordPress Sexy Add Template third party plugin suffers from a cross site request forgery vulnerability that can allow for a remote shell upload.

  Tags:  wordpress template sexy remote-shell party-plugin forgery  

• 23:05

  WordPress Add Multiple Users Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  WordPress Add Multiple Users third party plugin suffers from a cross site request forgery vulnerability.

  Tags:  cross multiple wordpress party-plugin multiple-users forgery  

• 23:05

  WordPress Add Multiple Users Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  WordPress Add Multiple Users third party plugin suffers from a cross site request forgery vulnerability.

  Tags:  cross multiple wordpress party-plugin multiple-users forgery  

• 23:05

  WordPress Add Multiple Users Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  WordPress Add Multiple Users third party plugin suffers from a cross site request forgery vulnerability.

  Tags:  cross multiple wordpress party-plugin multiple-users forgery  

• 18:11

  WordPress 3.4.2 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  WordPress version 3.4.2 appears to suffer from a cross site request forgery vulnerability.

  Tags:  cross wordpress site forgery vulnerability  

• 18:11

  WordPress 3.4.2 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  WordPress version 3.4.2 appears to suffer from a cross site request forgery vulnerability.

  Tags:  cross wordpress site forgery vulnerability  

• 18:11

  WordPress 3.4.2 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  WordPress version 3.4.2 appears to suffer from a cross site request forgery vulnerability.

  Tags:  cross wordpress site forgery vulnerability  

• 16:44

  WordPress Notices CSRF / XSS

   » ‎ Packet Storm Security Exploits
  WordPress Notices third party plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross wordpress notices party-plugin forgery third-party  

• 16:44

  WordPress Notices CSRF / XSS

   » ‎ Packet Storm Security Recent Files
  WordPress Notices third party plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross wordpress notices party-plugin forgery third-party  

• 16:44

  WordPress Notices CSRF / XSS

   » ‎ Packet Storm Security Misc. Files
  WordPress Notices third party plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross wordpress notices party-plugin forgery third-party  

• September 20, 2012
• 0:37

  WordPress Wp-TopBar 4.02 CSRF / XSS

   » ‎ Packet Storm Security Exploits
  WordPress Wp-TopBar plugin version 4.02 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross topbar wordpress plugin-version forgery  

• 0:37

  WordPress Wp-TopBar 4.02 CSRF / XSS

   » ‎ Packet Storm Security Recent Files
  WordPress Wp-TopBar plugin version 4.02 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross topbar wordpress plugin-version forgery  

• 0:37

  WordPress Wp-TopBar 4.02 CSRF / XSS

   » ‎ Packet Storm Security Misc. Files
  WordPress Wp-TopBar plugin version 4.02 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross topbar wordpress plugin-version forgery  

• September 18, 2012
• 22:57

  Secunia Security Advisory 50680

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in Cisco Identity Services Engine, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 9:22

  Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

   » ‎ Packet Storm Security Advisories
  Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

  Tags:  gateway symantec messaging gateway-version ncc-group forgery  

• 9:22

  Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

  Tags:  gateway-version ncc-group forgery  

• 9:22

  Symantec Messaging Gateway 9.5.3-3 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Symantec Messaging Gateway version 9.5.3-3 suffers from a cross site request forgery vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

  Tags:  gateway symantec messaging gateway-version ncc-group forgery  

• September 17, 2012
• 11:56

  Netsweeper WebAdmin Portal CSRF / XSS / SQL Injection

   » ‎ Packet Storm Security Exploits
  Netsweeper WebAdmin Portal suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Note that most of this data released back in July of 2012 without the SQL injection information.

  Tags:  injection netsweeper sql cross-site-scripting sql-injection forgery  

• 11:56

  Netsweeper WebAdmin Portal CSRF / XSS / SQL Injection

   » ‎ Packet Storm Security Recent Files
  Netsweeper WebAdmin Portal suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Note that most of this data released back in July of 2012 without the SQL injection information.

  Tags:  injection netsweeper sql cross-site-scripting sql-injection forgery  

• 11:56

  Netsweeper WebAdmin Portal CSRF / XSS / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  Netsweeper WebAdmin Portal suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities. Note that most of this data released back in July of 2012 without the SQL injection information.

  Tags:  injection netsweeper sql cross-site-scripting sql-injection forgery  

• September 11, 2012
• 13:18

  Subrion CMS 2.2.1 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Subrion CMS version 2.2.1 suffers from a cross site request forgery vulnerability.

  Tags:  cross subrion cms forgery vulnerability  

• 13:18

  Subrion CMS 2.2.1 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Subrion CMS version 2.2.1 suffers from a cross site request forgery vulnerability.

  Tags:  cross subrion cms forgery vulnerability  

• 13:18

  Subrion CMS 2.2.1 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Subrion CMS version 2.2.1 suffers from a cross site request forgery vulnerability.

  Tags:  cross subrion cms forgery vulnerability  

• September 06, 2012
• 14:00

  [webapps / 0day] - TestLink 1.9.3 Cross Site Request Forgery Vulnerability

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [webapps / 0day] - TestLink 1.9.3 Cross Site Request Forgery Vulnerability

  Tags:  day testlink webapps forgery vulnerability  

• 14:00

  [web applications] - TestLink 1.9.3 Cross Site Request Forgery Vulnerability

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [web applications] - TestLink 1.9.3 Cross Site Request Forgery Vulnerability

  Tags:  cross web testlink forgery web-applications vulnerability  

• September 05, 2012
• 23:38

  Secunia Security Advisory 50542

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in the Heartbeat module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 18:59

  TestLink 1.9.3 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  TestLink version 1.9.3 suffers from a cross site request forgery vulnerability.

  Tags:  cross testlink site forgery vulnerability  

• 18:59

  TestLink 1.9.3 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  TestLink version 1.9.3 suffers from a cross site request forgery vulnerability.

  Tags:  cross testlink site forgery vulnerability  

• 18:59

  TestLink 1.9.3 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  TestLink version 1.9.3 suffers from a cross site request forgery vulnerability.

  Tags:  cross testlink site forgery vulnerability  

• 18:51

  Drupal Heartbeat 6.x / 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Advisories
  Drupal Heartbeat versions 6.x and 7.x suffer from a cross site request forgery vulnerability.

  Tags:  cross heartbeat drupal forgery vulnerability  

• 18:51

  Drupal Heartbeat 6.x / 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Drupal Heartbeat versions 6.x and 7.x suffer from a cross site request forgery vulnerability.

  Tags:  cross heartbeat drupal forgery vulnerability  

• 18:51

  Drupal Heartbeat 6.x / 7.x Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Drupal Heartbeat versions 6.x and 7.x suffer from a cross site request forgery vulnerability.

  Tags:  cross heartbeat drupal forgery vulnerability  

• 12:00

  Bugtraq: Сross-Site Request Forgery (CSRF) in TestLink

   » ‎ SecurityFocus Vulnerabilities
  Сross-Site Request Forgery (CSRF) in TestLink

  Tags:  request csrf forgery ross-site testlink bugtraq  

• September 03, 2012
• 18:42

  JIRA / GreenHopper Cross Site Scripting

   » ‎ Packet Storm Security Advisories
  JIRA version 4.4.3 with GreenHopper version 5.9.8 suffers from cross site request forgery and stored cross site scripting vulnerabilities.

  Tags:  cross jira site forgery  

• 18:42

  JIRA / GreenHopper Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  JIRA version 4.4.3 with GreenHopper version 5.9.8 suffers from cross site request forgery and stored cross site scripting vulnerabilities.

  Tags:  cross jira site forgery  

• 18:42

  JIRA / GreenHopper Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  JIRA version 4.4.3 with GreenHopper version 5.9.8 suffers from cross site request forgery and stored cross site scripting vulnerabilities.

  Tags:  cross jira site forgery  

• September 02, 2012
• 8:55

  Sciretech 3.0.0 SQL Injection / CSRF

   » ‎ Packet Storm Security Exploits
  Sciretech file Manager version 3.0.0 and Multimedia Manager version 3.0.0 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  sciretech manager sql multimedia-manager forgery  

• 8:55

  Sciretech 3.0.0 SQL Injection / CSRF

   » ‎ Packet Storm Security Recent Files
  Sciretech file Manager version 3.0.0 and Multimedia Manager version 3.0.0 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  sciretech manager sql multimedia-manager forgery  

• 8:55

  Sciretech 3.0.0 SQL Injection / CSRF

   » ‎ Packet Storm Security Misc. Files
  Sciretech file Manager version 3.0.0 and Multimedia Manager version 3.0.0 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.

  Tags:  sciretech manager sql multimedia-manager forgery  

• August 30, 2012
• 14:45

  Booking System Pro Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  Booking System Pro suffers from a cross site request forgery vulnerability.

  Tags:  system cross booking booking-system forgery vulnerability  

• 14:45

  Booking System Pro Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  Booking System Pro suffers from a cross site request forgery vulnerability.

  Tags:  system cross booking booking-system forgery vulnerability  

• 14:45

  Booking System Pro Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  Booking System Pro suffers from a cross site request forgery vulnerability.

  Tags:  system cross booking booking-system forgery vulnerability  

• 0:00

  Vuln: IBM Infosphere Guardium Administrative Account Cross Site Request Forgery Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  IBM Infosphere Guardium Administrative Account Cross Site Request Forgery Vulnerability

  Tags:  infosphere guardium ibm administrative-account forgery vulnerability  

• August 28, 2012
• 21:06

  RV Shopping Cart Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  RV Shopping Cart suffers from a cross site request forgery vulnerability.

  Tags:  cross cart shopping cart-cross forgery shopping-cart  

• 21:06

  RV Shopping Cart Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  RV Shopping Cart suffers from a cross site request forgery vulnerability.

  Tags:  cross cart shopping cart-cross forgery shopping-cart  

• 21:06

  RV Shopping Cart Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  RV Shopping Cart suffers from a cross site request forgery vulnerability.

  Tags:  cross cart shopping cart-cross forgery shopping-cart  

• 21:04

  RV Article Publisher Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  RV Article Publisher suffers from a cross site request forgery vulnerability.

  Tags:  article cross publisher forgery vulnerability  

• 21:04

  RV Article Publisher Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  RV Article Publisher suffers from a cross site request forgery vulnerability.

  Tags:  article cross publisher forgery vulnerability  

• 21:04

  RV Article Publisher Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  RV Article Publisher suffers from a cross site request forgery vulnerability.

  Tags:  article cross publisher forgery vulnerability  

• August 23, 2012
• 18:33

  op5 Monitoring 5.4.2 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Exploits
  op5 Monitoring version 5.4.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  injection monitoring sql cross-site-scripting sql-injection forgery  

• 18:33

  op5 Monitoring 5.4.2 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Recent Files
  op5 Monitoring version 5.4.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  injection monitoring sql cross-site-scripting sql-injection forgery  

• 18:33

  op5 Monitoring 5.4.2 XSS / CSRF / SQL Injection

   » ‎ Packet Storm Security Misc. Files
  op5 Monitoring version 5.4.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

  Tags:  injection monitoring sql cross-site-scripting sql-injection forgery  

• 16:22

  LetoDMS 3.3.6 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Exploits
  LetoDMS version 3.3.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross letodms site cross-site-scripting forgery  

• 16:22

  LetoDMS 3.3.6 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Recent Files
  LetoDMS version 3.3.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross letodms site cross-site-scripting forgery  

• 16:22

  LetoDMS 3.3.6 Cross Site Request Forgery / Cross Site Scripting

   » ‎ Packet Storm Security Misc. Files
  LetoDMS version 3.3.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

  Tags:  cross letodms site cross-site-scripting forgery  

• August 22, 2012
• 22:18

  Secunia Security Advisory 50339

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in VamCart, which can be exploited by malicious people to conduct cross-site request forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• 15:44

  OpenDocMan 1.2.6.1 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  OpenDocMan version 1.2.6.1 suffers from a cross site request forgery vulnerability.

  Tags:  cross opendocman site forgery vulnerability  

• 15:44

  OpenDocMan 1.2.6.1 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  OpenDocMan version 1.2.6.1 suffers from a cross site request forgery vulnerability.

  Tags:  cross opendocman site forgery vulnerability  

• 15:44

  OpenDocMan 1.2.6.1 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  OpenDocMan version 1.2.6.1 suffers from a cross site request forgery vulnerability.

  Tags:  cross opendocman site forgery vulnerability  

• 15:22

  VamCart 0.9 Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  VamCart version 0.9 suffers from a cross site request forgery vulnerability.

  Tags:  cross site vamcart forgery vulnerability  

• 15:22

  VamCart 0.9 Cross Site Request Forgery

   » ‎ Packet Storm Security Recent Files
  VamCart version 0.9 suffers from a cross site request forgery vulnerability.

  Tags:  cross site vamcart forgery vulnerability  

• 15:22

  VamCart 0.9 Cross Site Request Forgery

   » ‎ Packet Storm Security Misc. Files
  VamCart version 0.9 suffers from a cross site request forgery vulnerability.

  Tags:  cross site vamcart forgery vulnerability  

• August 21, 2012
• 21:00

  Secunia Security Advisory 50315

   » ‎ Packet Storm Security Advisories
  Secunia Security Advisory - A vulnerability has been reported in PG Portal Pro, which can be exploited by malicious people to conduct cross-site forgery attacks.

  Tags:  advisory secunia security security-advisory forgery  

• August 19, 2012
• 17:00

  Drupal CDN2 Video Module Cross Site Request Forgery and Cross Site Scripting Vulnerabilities UPDATED

   » ‎ SecuriTeam
  The CDN2 Video module for Drupal is prone to a cross-site request-forgery vulnerability and a cross-site scripting vulnerability.

  Tags:  video drupal cdn video-module forgery  

• 14:00

  [webapps / 0day] - ocPortal CMS 8.x Cross Site Request Forgery

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [webapps / 0day] - ocPortal CMS 8.x Cross Site Request Forgery

  Tags:  day cms webapps forgery  

• 5:12

  ocPortal CMS 8.x Cross Site Request Forgery

   » ‎ Packet Storm Security Exploits
  ocPortal CMS version 8.1.2 suffers from a cross site request forgery vulnerability.

  Tags:  cross ocportal cms forgery vulnerability