51 matches found
MAGMI - Cross-Site Request Forgery
MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. Remote code execution via the phpcli command is also possible in the event that CSRF is leveraged against an existing admin session. id: CVE-2020-5776 info: name: MAGMI - Cross-Site Request...
CVE-2026-5776
The Email Encoder WordPress plugin before 2.4.7 does not escape email addresses retrieved via user input, allowing unauthenticated attackers to perform Stored XSS attacks...
EUVD-2025-5776
Malicious code in bioql PyPI...
CVE-2020-5776
creationtimestamp| type| source
---|---|---
2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-01-26
2025-02-07 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-02-07
2025-02-17 00:00:00+00:00| seen| The Shadowserver...
Debian dsa-5776 : tryton-server - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5776 advisory. Debian Security Advisory DSA-5776-1 https://www.debian.org/security/ Moritz...
CVE-2023-5776
The Post Meta Data Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing nonce validation on the pmdm_wp_ajax_delete_meta, pmdm_wp_delete_user_meta, and pmdm_wp_delete_user_meta functions. This makes it possible for...
CVE-2023-5776
CVE-2023-5776 (Post Meta Data Manager, WordPress) is a CSRF vulnerability in all versions up to 1.2.1 due to missing nonce validation on meta deletion endpoints (pmdm_wp_ajax_delete_meta, pmdm_wp_delete_user_meta, pmdm_wp_delete_user_meta). Unauthenticated attackers can forge requests to delete a...
WordPress Post Meta Data Manager Plugin <= 1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Post Meta Data Manager | Type: Plugin | Vulnerable versions: <= 1.2.1 | Fixed in: 1.2.2 | OWASP Top 10: A5: Broken Access Control | Classification: Cross Site Request Forgery (CSRF) | CVE: CVE-2023-5776 | Patch priority: Low | CVSS severity: Low (4.3) | PSID: be22b4c7158e | Credits: Francesco...
Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx)
Exploit Title: Screen SFT DAB 600/C - Unauthenticated Information Disclosure (userManager.cgx) | Exploit Author: LiquidWorm | Vendor: DB Elettronica Telecomunicazioni SpA | Product web page: https://www.screen.it | https://www.dbbroadcast.com...
Screen SFT DAB 600/C Unauthenticated Information Disclosure
Screen SFT DAB 600/C Unauthenticated Information Disclosure userManager.cgx Vendor: DB Elettronica Telecomunicazioni SpA Product web page: https://www.screen.it | https://www.dbbroadcast.com https://www.dbbroadcast.com/products/radio/sft-dab-series-compact-air/ Affected version: Firmware: 1.9.3...
Screen SFT DAB 600/C Authentication Bypass Reset Board Config Exploit
Summary: Screen's new radio DAB Transmitter is reaching the highest technology level in both Digital Signal Processing and RF domain. SFT DAB Series - Compact Radio DAB Transmitter - Air. Thanks to the digital adaptive precorrection and configuration flexibility, the Hot Swap System technology, the...
SUSE CVE-2019-5776
Incorrect handling of a confusable character in Omnibox in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name...
CentOS 7 : firefox (RHSA-2022:5776)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5776 advisory. - Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory...
Oracle Linux 7 : firefox (ELSA-2022-5776)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-5776 advisory. 91.12.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs....
RHEL 7 : firefox (RHSA-2022:5776)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:5776 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2017-5776
...
CVE-2017-5776
CVE-2017-5776 is rejected/not used per the initial description.
Magneto MAGMI Remote Code Execution (CVE-2020-5776)
A remote code execution vulnerability exists in Magneto MAGMI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2020-5776
CVE-2020-5776 affects MAGMI (Magento Mass Importer). MAGMI is vulnerable to cross-site request forgery (CSRF) due to lack of CSRF tokens, and CSRF could be leveraged to achieve remote code execution (RCE) via the phpcli command when an admin session is present. Affected versions include all MAGMI...
CVE-2012-5776
creationtimestamp| type| source
---|---|---
2020-01-29 18:38:20+00:00| seen| https://t.me/cibsecurity/9479...