Lupusec XT2 Plus Main Panel CSRF Vulnerability. The flaw exists as application does not implement sufficient measures against CSRF attacks. The flaw exists due to insufficient CSRF protection in Village theme WordPress Village Theme CSRF Vulnerability. Gadu-Gadu does not properly perform protocol handling, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and add arbitrary user accounts or cause a denial of service as administrators via an unspecified "crafted link," possibly related to the gg protocol.Ĭross-site request forgery (CSRF) vulnerability in the mycalendar plugin before 0.13 for Serendipity allows remote attackers to perform actions as blog administrators, which can be leveraged to conduct cross-site scripting (XSS) attacks on the blog page.Ĭross-site request forgery (CSRF) vulnerability in Fusion News 3.9.0 allows remote attackers to perform unauthorized actions via unspecified vectors.įeature 4.7.x-dev and 5.x-dev before 20071206, a Drupal module, does not follow Drupal's Forms API submission model, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks. This vulnerability allows creation of arbitrary users and changing of admin passwords. SOPlanning is prone to a Cross-Site Request Forgery vulnerability. SOPlanning Cross-Site Request Forgery Vulnerability. Multiple cross-site request forgery (CSRF) vulnerabilities in the administration of (1) polls, (2) profiles, (3) IP bans, and (4) forums in (a) WebAPP 0.8 through 0.9.9.6 and (b) WebAPP 0.9.9.3.3, 0.9.9.3.4, and 2007 allow remote attackers to perform deletions as administra. Īdobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file. An attacker who successfully exploits the vulnerability can perform a variety of actions like creating a new folder, deleting an existing folder, creating new users, deleting existing users, creating and deletin. ownCloud is prone to multiple CSRF vulnerabilities. An attacker who successfully exploits the vulnerability can perform a variety of actions like creating a new folder, deleting an existing folder, creating new users, deleting existing users, crea. Nextcloud is prone to multiple CSRF vulnerabilities. Nextcloud Cross Site Request Forgery Vulnerability. A cross site request forgery vulnerability exists in Veeam ONE Reporter due to improper request validation related to all actions and methods. Veeam ONE Reporter Cross Site Request Forgery Vulnerability. Cross Site Request Forgery vulnerability reported in ABC ERP due to improper request validation for Update Admin. ĪBC ERP Cross Site Request Forgery Vulnerability. The flaw exists because the application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the r. Carlo Gavazzi SmartHouse is prone to a cross site request forgery vulnerability. Carlo Gavazzi SmartHouse Cross Site Request Forgery Vulnerability.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |