Computer Security

Security Advisory: MkPortal Urlobox Cross Site Request Forgery
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA23406] Novell NetWare Welcome web-app Cross-Site Scripting Vulnerability

  [SA23388] eyeOS File Upload Vulnerability

  cwmExplorer 1.0 (show_file) Source Code Disclosure Vulnerability

  cwmVote 1.0 File Include Vulnerability

From:webmaster666_(at)_email.it <webmaster666_(at)_email.it>
Date:20.12.2006
Subject:MkPortal Urlobox Cross Site Request Forgery

MkPortal Urlobox Cross Site Request Forgery

Discovered by: Demential
Web: http://www.burnhead.it
E-mail: info@burnhead.it
Mkportal website: http://www.mkportal.it

posting [img]?ind=urlobox&op=delete&idurlo=X[/img] in MkPortal urlobox
where X is an ID of a message,
when administrator opens urlobox page
message X will be erased.

--
Email.it, the professional e-mail, gratis per te: http://www.email.it/f

Sponsor:
Stupisci i tuoi Amici con le Fantastiche Idee Regalo D-Mail !
Clicca qui: http://adv.email.it/cgi-bin/foclick.cgi?mid=5889&d=20061220

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server