Lucene search
K

38 matches found

CNVD
CNVD
added 2026/03/31 12:0 a.m.11 views

Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15832)

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to hijack or impersonate administrator users...

8.1CVSS5.9AI score0.00218EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/26 12:0 a.m.10 views

HCL Aftermarket DPC 安全漏洞

HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to hijack or impersonate administrator users...

8.1CVSS5.8AI score0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-3394

Malware in sbrugna...

6.8CVSS6.4AI score0.00656EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-9162

Malware in sbrugna...

6.8CVSS6.4AI score0.01001EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-2027

Malware in sbrugna...

6.8CVSS6.4AI score0.00664EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-9166

Malware in sbrugna...

6.8CVSS6.4AI score0.0101EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2013-6777

Malware in sbrugna...

6.8CVSS6.4AI score0.03654EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-15542

Malware in sbrugna...

8.8CVSS8.7AI score0.01036EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-2129

Malware in sbrugna...

3.5CVSS6.4AI score0.00693EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-26420

Malicious code in bioql PyPI...

4.3CVSS4.7AI score0.00465EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:56 a.m.7 views

CVE-2012-6629

Multiple cross-site request forgery CSRF vulnerabilities in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change an email address or 2 conduct script insertion attacks. NOTE: the provenance o...

6.8CVSS7.4AI score0.00986EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:43 a.m.15 views

CVE-2013-7376

Multiple cross-site request forgery CSRF vulnerabilities in OpenX 2.8.10, possibly before revision 82710, allow remote attackers to hijack the authentication of administrators, as demonstrated by requests that conduct directory traversal attacks via the group parameter to 1 plugin-preferences.php...

6.8CVSS7.5AI score0.03327EPSS
Exploits6References1
CVE
CVE
added 2025/03/19 2:7 a.m.50 views

CVE-2024-10444

CVE-2024-10444 affects Synology DiskStation Manager (DSM) via the LDAP utilities component, where improper certificate validation enables man-in-the-middle attacks that can hijack administrator authentication. Affected DSM versions include 7.1.1-42962-8, 7.2.1-69057-7, and 7.2.2-72806-3. The issu...

7.5CVSS7.1AI score0.00237EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/21 12:0 a.m.5 views

Wowza Media Systems Wowza Streaming Engine 跨站脚本漏洞

Wowza Media Systems Wowza Streaming Engine is a powerful, customizable and extensible media server software from Wowza Media Systems, USA. It is used to reliably stream high-quality video and audio to any device, anywhere. A cross-site scripting vulnerability exists in Wowza Media Systems Wowza...

9.6CVSS6AI score0.00641EPSS
Exploits0References1
NVD
NVD
added 2022/11/30 2:15 p.m.11 views

CVE-2022-38801

In Zkteco BioTime 8.5.3 Build:20200816.447, an employee can hijack an administrator session and cookies using blind cross-site scripting...

5.4CVSS0.00337EPSS
Exploits0References2
OSV
OSV
added 2022/07/26 2:15 a.m.4 views

CVE-2022-22686

Cross-Site Request Forgery CSRF vulnerability in webapi component in Synology Calendar before 2.3.4-0631 allows remote authenticated users to hijack the authentication of administrators via unspecified vectors...

8CVSS5.8AI score0.00291EPSS
Exploits0References1
OSV
OSV
added 2022/05/24 7:21 p.m.15 views

GHSA-M9HV-QMQH-33QH EC-CUBE Cross-site request forgery (CSRF) vulnerability

Cross-site request forgery CSRF vulnerability in EC-CUBE 2 series 2.11.0 to 2.17.1 allows a remote attacker to hijack the authentication of Administrator and delete Administrator via a specially crafted web page...

6.5CVSS6.5AI score0.00533EPSS
Exploits1References4
Prion
Prion
added 2022/04/20 2:15 a.m.9 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in 'MicroPayments - Paid Author Subscriptions, Content, Downloads, Membership' versions prior to 1.9.6 allows a remote unauthenticated attacker to hijack the authentication of an administrator and perform unintended operation via unspecified vectors...

6.8CVSS8.8AI score0.00791EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/02/24 3:15 p.m.6 views

CVE-2022-21179

Cross-site request forgery CSRF vulnerability in EC-CUBE plugin 'Mail Magazine Management Plugin' ver4.0.0 to 4.1.1 for EC-CUBE 4 series and ver1.0.0 to 1.0.4 for EC-CUBE 3 series allows a remote unauthenticated attacker to hijack the authentication of an administrator via a specially crafted pag...

4.3CVSS5.8AI score0.00465EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/01/17 10:15 a.m.6 views

CVE-2022-0180

Cross-site request forgery CSRF vulnerability in Quiz And Survey Master versions prior to 7.3.7 allows a remote attacker to hijack the authentication of administrators and conduct arbitrary operations via a specially crafted web page...

8.8CVSS6.8AI score0.00654EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder