Lucene search
K

12 matches found

CVE
CVE
added 2023/10/03 10:41 a.m.55 views

CVE-2023-24518

CVE-2023-24518 is a CSRF vulnerability in Pandora FMS, affecting version 767 and earlier on all platforms. The threat allows an attacker to coerce authenticated users into making unintended requests to a web application they are logged into, potentially enabling actions such as disabling an admin...

7.1CVSS6.6AI score0.00208EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/03 10:41 a.m.22 views

CVE-2023-24518 Disabling the administrator's account through cross-site request forgery

A Cross-site Request Forgery CSRF vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. This issue affects Pandora FMS version 767 and earlier versions on all platforms...

6.7CVSS7AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2023/03/22 2:15 p.m.7 views

CVE-2020-24518

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none...

6.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/08/30 12:0 a.m.37 views

Security Updates for Microsoft Azure Site Recovery (March 2022)

The Microsoft Azure Site Recovery installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands...

9CVSS8AI score0.02698EPSS
Exploits0References12
Circl
Circl
added 2022/03/09 8:18 p.m.6 views

CVE-2022-24518

creationtimestamp| type| source ---|---|--- 2022-03-09 20:18:20+00:00| seen| https://t.me/cibsecurity/38613...

6.5CVSS7.1AI score0.02569EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/09 5:15 p.m.8 views

CVE-2022-24518

Azure Site Recovery Elevation of Privilege Vulnerability...

6.5CVSS6.9AI score0.02569EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/03/09 5:8 p.m.338 views

CVE-2022-24518

CVE-2022-24518 is an Elevation of Privilege issue affecting Microsoft Azure Site Recovery (specifically the VMware-to-Azure recovery scenario). Public documents summarize it as an elevated-privilege vulnerability within Azure Site Recovery components, with remediation delivered through Microsoft ...

6.5CVSS6AI score0.02569EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/16 10:48 a.m.12 views

CVE-2021-24518 WPFront Notification Bar < 2.0.0.07176 - Authenticated Stored XSS

The WPFront Notification Bar WordPress plugin before 2.0.0.07176 does not sanitise or escape its Custom CSS setting, allowing high privilege users such as admin to set XSS payload in it even when the unfilteredhtml capability is disallowed, leading to an authenticated Stored Cross-Site Scripting...

4.8AI score0.00695EPSS
Exploits2References2
CVE
CVE
added 2021/08/16 10:48 a.m.43 views

CVE-2021-24518

The CVE describes an authenticated Stored XSS in the WPFront Notification Bar WordPress plugin prior to version 2.0.0.07176. The vulnerability arises because the plugin does not sanitize/escape its Custom CSS setting, allowing high-privilege users (e.g., admins) to inject XSS payloads even when u...

4.8CVSS4.6AI score0.00695EPSS
Exploits2References2Affected Software1
CVE
CVE
added 1976/01/01 12:0 a.m.4 views

CVE-2025-24518

CVE-2025-24518 is rejected/not used; this entry does not represent an active vulnerability.

5.4AI score
Exploits0
Cvelist
Cvelist
added 1976/01/01 12:0 a.m.23 views

CVE-2025-24518

...

Exploits0
CVE
CVE
added 1976/01/01 12:0 a.m.21 views

CVE-2020-24518

This CVE entry is rejected/not used per the description; no active vulnerability entry.

6.7AI score
Exploits0
Rows per page
Query Builder