38 matches found
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15832)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to hijack or impersonate administrator users...
HCL Aftermarket DPC 安全漏洞
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to hijack or impersonate administrator users...
EUVD-2015-3394
Malware in sbrugna...
EUVD-2010-2027
Malware in sbrugna...
EUVD-2014-9162
Malware in sbrugna...
EUVD-2014-9166
Malware in sbrugna...
EUVD-2013-6777
Malware in sbrugna...
EUVD-2019-15542
Malware in sbrugna...
EUVD-2010-2129
Malware in sbrugna...
EUVD-2022-26420
Malicious code in bioql PyPI...
CVE-2012-6629
Multiple cross-site request forgery CSRF vulnerabilities in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change an email address or 2 conduct script insertion attacks. NOTE: the provenance o...
CVE-2013-7376
Multiple cross-site request forgery CSRF vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to 1 plugin-preferences.php...
CVE-2024-10444
CVE-2024-10444 affects Synology DiskStation Manager (DSM) via the LDAP utilities component, where improper certificate validation enables man-in-the-middle attacks that can hijack administrator authentication. Affected DSM versions include 7.1.1-42962-8, 7.2.1-69057-7, and 7.2.2-72806-3. The issu...
Wowza Media Systems Wowza Streaming Engine 跨站脚本漏洞
Wowza Media Systems Wowza Streaming Engine is a powerful, customizable and extensible media server software from Wowza Media Systems, USA. It is used to reliably stream high-quality video and audio to any device, anywhere. A cross-site scripting vulnerability exists in Wowza Media Systems Wowza...
CVE-2022-38801
In Zkteco BioTime 8.5.3 Build:20200816.447, an employee can hijack an administrator session and cookies using blind cross-site scripting...
CVE-2022-22686
Cross-Site Request Forgery CSRF vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to hijack the authentication of administrators via unspecified vectors...
GHSA-M9HV-QMQH-33QH EC-CUBE Cross-site request forgery (CSRF) vulnerability
Cross-site request forgery CSRF vulnerability in EC-CUBE 2 series 2.11.0 to 2.17.1 allows a remote attacker to hijack the authentication of Administrator and delete Administrator via a specially crafted web page...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors...
CVE-2022-21179
Cross-site request forgery CSRF vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 for EC-CUBE 4 series and ver1.0.0 to 1.0.4 for EC-CUBE 3 series allows a remote unauthenticated attacker to hijack the authentication of an administrator via a specially crafted pag...
CVE-2022-0180
Cross-site request forgery CSRF vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page...