CSRF Vulnerability in MicroStrategy Web application

# Title: Cross-Site Request Forgery (CSRF) Vulnerability in MicroStrategy Web application allows modifying user's preferences. Author: Wissam Bashour Vendor: MicroStrategy Product: MicroStrategy Web Version: All versions below 10.4.0026.0049 Tested Version

Boolean-based SQL injection Vulnerability in K2 Platforms

Title: Boolean-based SQL injection Vulnerability in K2 Platforms. Author: Wissam Bashour - Help AG Middle East Vendor: K2 Product: SmartForms, BlackPearl, K2 for sharepoint Version: 4.6.7 Tested Version: Version 4.6.7 Severity: HIGH CVE Reference: CVE-2015-7299 # About the Product: K2 smartforms

CSRF Vulnerability in C2Box application CVE-2015-4460

Please add this advisory to your archive. Thanks. # Title: Cross-Site Request Forgery (CSRF) Vulnerability in C2Box application Allows adding an Admin User or reset any user's password. Author: Wissam Bashour - Help AG Middle East Vendor: boxautomation(B.A.S