Zucchetti Axess CLOKI Access Control version 1.64 suffers from a cross site request forgery vulnerability.
5ee851be27389c34fce6b6b8f31ca356b97517cee36216ebce3cf2a59bf0d6a4Red Hat Security Advisory 2021-5081-03 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
5a5487a5b46e8e7e04aee01ee335fde4b9dff9dccb898556c0dddaf42afff455Red Hat Security Advisory 2021-5080-01 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
76dc0fd1f1620075939e5b73ae06af35574743ebdd90169472fc96fff99ef4e8Red Hat Security Advisory 2021-4913-04 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
c0b2367bca6b9519cbf4eef54ab3a7cc8eece40d1140a7de1f14b7331fe671bdRed Hat Security Advisory 2021-4915-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
ae9ebdc6a6b3f3d493d2dcf2934db0f74cca8bd213ab14ece18aa1f758476438Red Hat Security Advisory 2021-4916-01 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
9300feba4300b0658f042c5c469b8856a41deeb1e5b2cc3499bf1d666f38237eRed Hat Security Advisory 2021-4837-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
da322af9925df9b13306362953effa81984e67c2c5736ed7a6d7a42016b35732Red Hat Security Advisory 2021-4838-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
bb526170f9703a69821a3db3f612496e679220fb515ad16625d199b42964ede6Red Hat Security Advisory 2021-4839-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
fc6755eec5257a10ac71b7c64432cfb6808ffcb94fa7916e3ef8d310485c4506Red Hat Security Advisory 2021-4826-02 - Mailman is a program used to help manage e-mail discussion lists. Issues addressed include bypass and cross site request forgery vulnerabilities.
01c9eca9735075e3086e61c04041b4419b8bdee0646991eed6726a30d52e8583Quick.CMS version 6.7 suffers from a cross site scripting vulnerability that can allow for cross site request forgery attacks.
67a0a105c6f950cecd0e39d185aca97751f39901cc4896bc691f737af9c4e4ecPHP Laravel version 8.70.1 suffers from cross site scripting and cross site request forgery related vulnerabilities.
03959819037d931fa9bc8a86e042128e57d18e192cdb95d48075c2d8e2c636b5Hostel Management System version 2.1 suffers from cross site request forgery and cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Kokn3t in October of 2020.
c25a1cf3e43fddf34b3dba5ae1ca94327edad0924a642a4cba70ea26c887ae6bUbuntu Security Notice 5121-1 - Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman did not properly associate cross-site request forgery tokens to specific accounts. A remote attacker could use this to perform a CSRF attack to gain access to another account. Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman's cross-site request forgery tokens for the options page are derived from the admin password. A remote attacker could possibly use this to assist in performing a brute force attack against the admin password. Various other issues were also addressed.
31b5089934b776c5932880b406f38f121f36e74f6461c25588737e5f22c7ff0fCompany's Recruitment Management System version 1.0 suffers from a cross site request forgery vulnerability.
27e20635cf994a88f5150325e93b767a93d8218c7c979512756f20752b66d47bPharmacy Point of Sale System version 1.0 suffers from a cross site request forgery vulnerability.
605722563102eea533c2fc77ed46adae259020fe9ff980c82ec0940b83055ae5OpenVPN Monitor versions 1.1.3 and below suffer from a cross site request forgery vulnerability that allows an attacker to disconnect arbitrary VPN clients.
1f3480045376cc0f2cd806ce155a2c7af1486e8d2504fc839a567a574a2ca25dWordPress Fitness Calculators plugin version 1.9.5 suffers from a cross site request forgery vulnerability.
d98f7bece9083eaddb26bd624c829967f736f30e927d68f33fefce05c524fcccBackdrop CMS version 1.20.0 suffers from cross site request forgery vulnerabilities that can assist an attacker in achieving command execution.
83f2c2540b4e545354939b0ed9b2d43a41e2854821c3ae85e8eb3277dbf64132T-Soft E-Commerce version 4 suffers from a cross site request forgery vulnerability.
c6b8e63ffe9cd49eeb60a1fb0927f605b76c7e0f0c0526db27887b5438211ac3ECOA building automation systems suffer from a cross site request forgery vulnerability. Many versions are affected.
c5e04be1683df924f6735186c911be919b8740e173fc6f468e327ce6ed73c7eeMultiple Altus Sistemas de Automacao products such as the Nexto NX30xx Series, Nexto NX5xxx Series, Nexto Xpress XP3xx Series, and Hadron Xtorm HX3040 Series suffer from command injection, cross site request forgery, and hardcoded credential vulnerabilities.
04419f303d6024196a934d7a822a54ec4c5ef330f60bde124f5af5cb94703343GeoVision Geowebserver versions 5.3.3 and below suffer from code execution, cross site request forgery, cross site scripting, html injection, and local file inclusion vulnerabilities.
8ccb4bb1b96f86b0ef24cd5e1b36f037c42c2f00bb5ec9a80fedbe4537f7a7abCloverDX version 5.9.0 cross site request forgery to remote code execution exploit.
596b2eea2e27565ab3f218e20a495aaef02193748d901ef08464493dd7fc27d9Webmin version 1.973 cross site request forgery exploit that loads a reverse shell.
8a316a9307c0d4b3b8fa1f3bb02ab7e2a5d250b7b981658538c23e171ca98d24
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed