Dasan Networks GPON ONT WiFi Router H64X Series suffers from a cross site request forgery vulnerability.
f8789c203d45686a1478547c8f7ef85bPelco IP cameras suffer from a cross site request forgery vulnerability. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
7cab066459f46bedf6175289966aec2ePulse Connect Secure version 8.3R1 suffer from cross site scripting and cross site request forgery vulnerabilities.
f881d55ec2c771f14be93daa0a0887bfRSA Archer GRC version 6.2.0.2 suffers from bypass, cross site request forgery, information disclosure, open redirection, and cross site scripting vulnerabilities.
6cf471214abe6297b8b4c071b0aa43fdKaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.
834309bd7c681fce682800c2b27a31c0D-Link DIR-100 suffers from brute force and cross site request forgery vulnerabilities.
b8b887922adc51bf8cd2293906751d38WonderCMS version 2.1.0 suffers from a cross site request forgery vulnerability.
8dd441fa404a60b175fca0bd626ee043SimpleCE version 2.3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
9585ae5beaede1fd55c691c3d1c2f53eInvision Power Board version 4.1.19.2 suffers from reflective and stored cross site scripting, cross site request forgery, information disclosure, file upload, and shell access vulnerabilities.
a22518e9d6c3e73504202b0d32770349Robert version 0.5 suffers from cross site request forgery, cross site scripting, remote SQL injection, and directory traversal vulnerabilities.
cfd060cdd873a90420373f8cc4f97108Peplink version 7.0.0-build1904 suffers from cross site request forgery, cross site scripting, file deletion, and remote SQL injection vulnerabilities.
36d56c06b635fb1596ea43530b5b607eRemote attackers can abuse the "Subscribe to Podcast" feature of Subsonic 6.1.1 to store persistent XSS payloadsif an authenticated user clicks a malicious link or visits an attacker controlled webpage.
75781fa859d6d75c6a7786692df6ec8cRemote attackers can abuse the Podcast feature of subsonic to launch Server Side Request Forgery attacks from the subsonic server if an authenticated user clicks a malicious link or visits an attacker controlled webpage.
a2b09d2527ad59b05aab04f9625f9618Subsonic media streaming server can allow a remote attacker to reset account passwords if usernames are known and victims click a malicious link.
c0b7a9d078f87d27a0bd9759794033d1Debian Linux Security Advisory 3870-1 - Several vulnerabilities were discovered in wordpress, a web blogging tool. They would allow remote attackers to force password resets, and perform various cross-site scripting and cross-site request forgery attacks.
34393add3f849a2fcd80e1d68c82c1e4Trend Micro ServerProtect suffers from information disclosure, manipulation, cross site request forgery, cross site scripting, and various other vulnerabilities.
351e7980ee3be97f07ceb95ec237ce90Mantis Bug Tracker versions 1.3.10 and 2.3.0 suffer from a cross site request forgery vulnerability.
41e0b9f5db14efa67c836d0f2df4b6f0Apache Archiva versions 2.0.0 through 2.2.1 suffer from multiple cross site request forgery vulnerabilities.
1ab7f438819b236c0d36318e7f4791d8Debian Linux Security Advisory 3856-1 - Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client (directory traversal and cross-site request forgery).
94c93fe733d629e34296312a84e22a5fWestern Digital TV Media Player version 1.03.07 suffers from file upload, local file inclusion, cross site request forgery, private key issue, remote SQL injection, and other vulnerabilities.
25bbe7a316a961b85fad5f438278159aWordPress EELV Newsletter plugin version 4.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
e1a27282affcbe3a0ad2774b0cb16815Admidio version 3.2.8 suffers from a cross site request forgery vulnerability.
a31a465feaf927b0183013a091f0da3cMailCow version 0.14 suffers from multiple cross site request forgery vulnerabilities.
1271ada87b550f1aad5c9b7194c8786fGongwalker API Manager version 1.1 suffers from cross site request forgery vulnerabilities.
55bfb61ebd899d34c09719998714cddaASUS routers suffer from cross site request forgery and information disclosure vulnerabilities. Versions affected include RT-AC55U, RT-AC56R, RT-AC56S, RT-AC56U, RT-AC66U, RT-AC88U, RT-AC66R, RT-AC66U, RT-AC66W, RT-AC68W, RT-AC68P, RT-AC68R, RT-AC68U, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC53U, RT-AC1900P, RT-AC3100, RT-AC3200, RT-AC5300, RT-N11P, RT-N12 (D1 version only), RT-N12+, RT-N12E, RT-N18U, RT-N56U, RT-N66R, RT-N66U (B1 version only), and RT-N66W.
3d95db7d42745579a0c76b4da4866297
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed