Quicksilver Forums Cross-Site Request Forgery

Secunia Research has discovered a vulnerability in Quicksilver Forums, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. execute arbitrary SQL queries by tricking a logged in administrator into visiting a malicious web site.

You can download this advisory from the following link: https://packetstormsecurity.com/files/download/87375/secunia-qfxsrf.txt

Source: https://packetstormsecurity.com/files/87375/Quicksilver-Forums-Cross-Site-Request-Forgery.html

Something Fresh

VUPEN Security Advisory

VUPEN Security Advisory

HP Security Bulletin HPSBUX02351 SSRT080058 5

What People Reading

sendmail0058.txt

Next Generation Security Advisory 2002.4

phpinfo-xss.txt

Secunia Security Advisory 41822

ViewVC-1.0.2.txt

Categories

Partners

Just add here your partners image or promo text