Alice GATE CSRF reconfiguration
The most widely distribuited italian ADSL routers Telecom ADSL Alice Gate VoIP 2 Plus Wi-Fi and ADSL2+ Wi-Fi N suffer a CSRF attack that allows an attacker to modify internal router configuration like DNS servers, traffic routing, VoIP configurations, DHCP parameters, and and other configurations that may lead to a complete takeover of the user's ADSL connection. The technique is also useful to enable hidden feature and telnet/ftp/tftp/web extended admin interface.
FCKeditor XSS post vulnerability
Web editor reflected POST XSS.
Kusaba X XSS/CSRF vulnerability
Imageboard XSS/CSRF lead to SQL command execution.
Fastweb Myfastpage authorization control bypass
Fastweb website suffer of XSS flaw that permits to log into account control panels without proper authentication.