Secunia – Fork CMS Vulnerability

Secunia has published an advisory related to a “0day” vulnerabilty (http://ivanobinetti.blogspot.com/2012/02/forkcms-325-csrf-and-xss-0day.html which I’ve discovered in the past days and regarding a CSRF (Cross Site Request Forgery) which affects ForkCMS 3.2.5 and lower.
Secunia tested this vulnerability also in 3.2.6 version, latest release which ForkCMS team published few days ago.
As I already said in my advisory I think that ForkCMS in a very nice CMS which, with some security improvements, can become a great cms. May be that I will use it in the future.

Following you can read more details about Secunia Advisory:
https://secunia.com/advisories/48067

Also PacketStorm has published this Advisory:
http://packetstormsecurity.org/files/110069/sa48067.txt

D-Link DSL-2640B "0day" Vulnerabilities

SecurityFocus (http://www.securityfocus.com/) has assigned me three BID (Bugtraq ID) related to “0day” Dlink and Cisco Linksys vulnerabilities regarding design flaws and exploitable using CSRF:

Following you can read more details about them:
http://www.securityfocus.com/bid/52096
http://www.securityfocus.com/bid/52129
http://www.securityfocus.com/bid/52105