Tag
#csrf
An insufficient entropy vulnerability was found in the Openshift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim’s current application account using a third-party account without any restrictions.
Lost and Found Information System version 1.0 suffers from a cross site request forgery vulnerability.
Loan Management System version 1.0 suffers from a cross site request forgery vulnerability.
ABIC Cardiology Management System version 1.0 suffers from a cross site request forgery vulnerability.
Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.
Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.
Hotel Management System version 1.0 suffers from a cross site request forgery vulnerability.
Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.
Accounting Journal Management System version 1.0 suffers from a cross site request forgery vulnerability.
Build Your Own Botnet (BYOB) version 2.0.0 exploit that works by spoofing an agent callback to overwrite the sqlite database and bypass authentication and exploiting an authenticated command injection in the payload builder page.