Zucchetti Axess CLOKI Access Control version 1.64 suffers from a cross site request forgery vulnerability.
5ee851be27389c34fce6b6b8f31ca356b97517cee36216ebce3cf2a59bf0d6a4
Red Hat Security Advisory 2021-5081-03 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
5a5487a5b46e8e7e04aee01ee335fde4b9dff9dccb898556c0dddaf42afff455
Red Hat Security Advisory 2021-5080-01 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
76dc0fd1f1620075939e5b73ae06af35574743ebdd90169472fc96fff99ef4e8
Red Hat Security Advisory 2021-4913-04 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
c0b2367bca6b9519cbf4eef54ab3a7cc8eece40d1140a7de1f14b7331fe671bd
Red Hat Security Advisory 2021-4915-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
ae9ebdc6a6b3f3d493d2dcf2934db0f74cca8bd213ab14ece18aa1f758476438
Red Hat Security Advisory 2021-4916-01 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
9300feba4300b0658f042c5c469b8856a41deeb1e5b2cc3499bf1d666f38237e
Red Hat Security Advisory 2021-4837-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
da322af9925df9b13306362953effa81984e67c2c5736ed7a6d7a42016b35732
Red Hat Security Advisory 2021-4838-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
bb526170f9703a69821a3db3f612496e679220fb515ad16625d199b42964ede6
Red Hat Security Advisory 2021-4839-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
fc6755eec5257a10ac71b7c64432cfb6808ffcb94fa7916e3ef8d310485c4506
Red Hat Security Advisory 2021-4826-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
01c9eca9735075e3086e61c04041b4419b8bdee0646991eed6726a30d52e8583
Quick.CMS version 6.7 suffers from a cross site scripting vulnerability that can allow for cross site request forgery attacks.
67a0a105c6f950cecd0e39d185aca97751f39901cc4896bc691f737af9c4e4ec
PHP Laravel version 8.70.1 suffers from cross site scripting and cross site request forgery related vulnerabilities.
03959819037d931fa9bc8a86e042128e57d18e192cdb95d48075c2d8e2c636b5
Hostel Management System version 2.1 suffers from cross site request forgery and cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Kokn3t in October of 2020.
c25a1cf3e43fddf34b3dba5ae1ca94327edad0924a642a4cba70ea26c887ae6b
Ubuntu Security Notice 5121-1 - Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman's cross-site request forgery tokens for the options page are derived from the admin password. A remote attacker could possibly use this to assist in performing a brute force attack against the admin password. Various other issues were also addressed.
31b5089934b776c5932880b406f38f121f36e74f6461c25588737e5f22c7ff0f
Company's Recruitment Management System version 1.0 suffers from a cross site request forgery vulnerability.
27e20635cf994a88f5150325e93b767a93d8218c7c979512756f20752b66d47b
Pharmacy Point of Sale System version 1.0 suffers from a cross site request forgery vulnerability.
605722563102eea533c2fc77ed46adae259020fe9ff980c82ec0940b83055ae5
OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.
1f3480045376cc0f2cd806ce155a2c7af1486e8d2504fc839a567a574a2ca25d
WordPress Fitness Calculators plugin version 1.9.5 suffers from a cross site request forgery vulnerability.
d98f7bece9083eaddb26bd624c829967f736f30e927d68f33fefce05c524fccc
Backdrop CMS version 1.20.0 suffers from cross site request forgery vulnerabilities that can assist an attacker in achieving command execution.
83f2c2540b4e545354939b0ed9b2d43a41e2854821c3ae85e8eb3277dbf64132
T-Soft E-Commerce version 4 suffers from a cross site request forgery vulnerability.
c6b8e63ffe9cd49eeb60a1fb0927f605b76c7e0f0c0526db27887b5438211ac3
ECOA building automation systems suffer from a cross site request forgery vulnerability. Many versions are affected.
c5e04be1683df924f6735186c911be919b8740e173fc6f468e327ce6ed73c7ee
Multiple Altus Sistemas de Automacao products such as the Nexto NX30xx Series, Nexto NX5xxx Series, Nexto Xpress XP3xx Series, and Hadron Xtorm HX3040 Series suffer from command injection, cross site request forgery, and hardcoded credential vulnerabilities.
04419f303d6024196a934d7a822a54ec4c5ef330f60bde124f5af5cb94703343
GeoVision Geowebserver versions 5.3.3 and below suffer from code execution, cross site request forgery, cross site scripting, HTML injection, and local file inclusion vulnerabilities.
8ccb4bb1b96f86b0ef24cd5e1b36f037c42c2f00bb5ec9a80fedbe4537f7a7ab
CloverDX version 5.9.0 cross site request forgery to remote code execution exploit.
596b2eea2e27565ab3f218e20a495aaef02193748d901ef08464493dd7fc27d9
Webmin version 1.973 cross site request forgery exploit that loads a reverse shell.
8a316a9307c0d4b3b8fa1f3bb02ab7e2a5d250b7b981658538c23e171ca98d24