Video: Bypassing phpNuke 8.x Referer Check Anti-CSRF Defense

[View Online | Download]

Description: This demo proves that simply validating hostname in HTTP Referer, a widely deployed quick anti-csrf defense, can easily be bypassed.

Popular posts from this blog

Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution

Elgg 1.7.10 <= | Multiple Vulnerabilities

SSL Breacher - Yet Another SSL Test Tool