Articles for tag "CSRF": 22

VDSL Client Modem ALL-BM100VDSL2: CSRF
2017 Apr 13

VDSL Client Modem ALL-BM100VDSL2: CSRF

The web interface of the VDSL Client Modem ALL-BM100VDSL2 is vulnerable to CSRF. Because of this it is possible to add a new admin user.

pfsense 2.3.2: CSRF
2017 Mar 24

pfsense 2.3.2: CSRF

pfsense is an open source firewall. The web interface is written in PHP. In version 2.3.2-RELEASE (amd64), the actions of creating and deleting firewall rules are vulnerable to CSRF, enabling an Attacker to edit these rules with a little bit of social engineering.

Elefant CMS 1.3.12-RC: CSRF
2017 Feb 02

Elefant CMS 1.3.12-RC: CSRF

Elefant is a content managment system written in PHP. In version 1.3.12-RC, it is vulnerable to cross site request forgery. If a victim visits a website that contains specifically crafted code while logged into Elefant, an attacker can for example create a new admin account without the victims knowledge.

MyLittleForum 2.3.6.1: CSRF
2016 Nov 10

MyLittleForum 2.3.6.1: CSRF

MyLittleForum is forum software written in PHP. In version 2.3.6.1, it is vulnerable to cross site request forgery. An attacker could exploit this issue to add new users or change the status of existing users to administrator if a victim visits a website containing a specifically crafted payload while logged into MyLittleForum.

Lepton 2.2.2: CSRF, Open Redirect, Insecure Bruteforce Protection & Password Handling
2016 Nov 10

Lepton 2.2.2: CSRF, Open Redirect, Insecure Bruteforce Protection & Password Handling

Lepton is a content management system written in PHP. In version 2.2.2, it contains various low to medium impact issues. The functionality that operates on files and folders is vulnerable to CSRF which may lead to XSS, the logout is vulnerable to Open Redirect, the in-build bruteforce protection can be easily bypassed, and passwords are hashed with md5 and send out via email in plaintext.

Security Implications of GET/POST Interchangeability
2016 Nov 03

Security Implications of GET/POST Interchangeability

This article will provide a short overview of the security implications of treating POST and GET requests interchangeably, thus allowing a POST to GET downgrade. It will conclude with possible solutions.

MyBB 1.8.6: CSRF, Weak Hashing, Plaintext Passwords
2016 Sep 15

MyBB 1.8.6: CSRF, Weak Hashing, Plaintext Passwords

MyBB 1.8.6 is vulnerable to login CSRF. Additionally, it stores passwords using weak hashing, and sends passwords via email in plaintext.

Opendocman 1.3.4: CSRF
2016 Feb 01

Opendocman 1.3.4: CSRF

Opendocman 1.3.4 does not have CSRF protection, allowing an attacker to execute actions for a victim - for example adding a new admin user.

DYNPG 4.6: CSRF
2016 Jan 28

DYNPG 4.6: CSRF

DYNPG 4.6 does not have CSRF protection, allowing an attacker to execute actions for a victim - for example adding a new admin user. In this case, this may lead to code execution by allowing the upload of PHP files.

PhpSocial v2.0.0304: CSRF
2015 Dec 21

PhpSocial v2.0.0304: CSRF

PhpSocial v2.0.0304 does not have CSRF protection, allowing an attacker to execute actions for a victim - for example adding a new admin user.

Grawlix 1.0.3: CSRF
2015 Dec 21

Grawlix 1.0.3: CSRF

Grawlix 1.0.3 does not have CSRF protection, allowing an attacker to execute actions for a victim - for example changing the password of an admin user.

phpwcms 1.7.9: CSRF
2015 Dec 02

phpwcms 1.7.9: CSRF

There is a CSRF vulnerability in phpwcms 1.7.9.

appRain 4.0.3: CSRF
2015 Dec 02

appRain 4.0.3: CSRF

None of the forms of appRain 4.0.3 have CSRF protection.

ClipperCMS 1.3.0: CSRF
2015 Nov 13

ClipperCMS 1.3.0: CSRF

ClipperCMS 1.3.0 has as only CSRF protection a referer check, which can be disabled by an admin.

Quick.Cart 6.6: CSRF
2015 Oct 07

Quick.Cart 6.6: CSRF

There are multiple CSRF vulnerabilities in Quick.Cart 6.6.

Supercali Event Calendar 1.0.8: CSRF
2015 Oct 07

Supercali Event Calendar 1.0.8: CSRF

There is no CSRF protection in Supercali Event Calendar 1.0.8.

OpenCart 2.0.3.1: CSRF
2015 Oct 07

OpenCart 2.0.3.1: CSRF

OpenCart 2.0.3.1 does not have CSRF protection for customers.

MyWebSQL 3.6: CSRF
2015 Oct 07

MyWebSQL 3.6: CSRF

MyWebSQL 3.6 does not have CSRF protection.

SQL Buddy 1.3.3: CSRF
2015 Oct 07

SQL Buddy 1.3.3: CSRF

The CSRF protection in SQL Buddy 1.3.3. does not work properly. This issue has not been fixed.

Pligg CMS 2.0.2: Code Execution and CSRF
2015 Oct 07

Pligg CMS 2.0.2: Code Execution and CSRF

There is a Code Execution vulnerability in the admin area of Pligg CMS 2.0.2. It can be exploited via CSRF. This issue has not been fixed.

ZeusCart 4.0: CSRF
2015 Sep 14

ZeusCart 4.0: CSRF

ZeusCart 4.0 does not have CSRF protection. Because of this, it is for example possible to add additional admin accounts. This issue has not been fixed.

NibbleBlog 4.0.3: CSRF
2015 Sep 01

NibbleBlog 4.0.3: CSRF

There is a CSRF vulnerability in NibbleBlog 4.0.3 which can lead to the creating of new posts and thus XSS. The issue is not yet fixed.