Lucene search
K

91 matches found

Cvelist
Cvelist
added 2026/04/30 12:0 a.m.40 views

CVE-2026-36960

A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft ...

0.00173EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/30 12:0 a.m.27 views

EUVD-2026-26377

A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An...

8.8CVSS5.5AI score0.00163EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/04/30 12:0 a.m.3 views

CVE-2026-36960

A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft ...

5.4AI score0.00173EPSS
Exploits0References2
NVD
NVD
added 2025/10/29 6:15 p.m.10 views

CVE-2025-62797

FluxCP is a web-based Control Panel for rAthena servers written in PHP. A critical Cross-Site Request Forgery CSRF vulnerability exists in the FluxCP-based website template used by multiple rAthena/Ragnarok servers. State-changing POST endpoints accept browser-initiated requests that are authoriz...

8.6CVSS0.00182EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-2244

Malware in sbrugna...

8.8CVSS8.8AI score0.00734EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-18725

Malware in sbrugna...

8.8CVSS8.7AI score0.01932EPSS
Exploits5References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-18955

Malware in sbrugna...

8CVSS7.9AI score0.02912EPSS
Exploits5References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-5604

Malware in sbrugna...

8.8CVSS8.8AI score0.00885EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-4646

Malware in sbrugna...

8CVSS7.8AI score0.01079EPSS
Exploits4References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-7991

Malware in sbrugna...

8.8CVSS8.8AI score0.00614EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-8271

Malicious code in bioql PyPI...

4.3CVSS6.1AI score0.00372EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-43897

Malicious code in bioql PyPI...

8.8CVSS9AI score0.00547EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-32602

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00546EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/07/02 12:0 a.m.5 views

PT-2025-27600 · Unknown · Active! Mail 6

Name of the Vulnerable Software and Affected Versions: Active! mail 6 versions 6.60.06008562 and earlier Description: A cross-site request forgery issue exists, potentially allowing unintended emails to be sent when a user, who is logged in, accesses a specially crafted URL. Recommendations: For...

3.1CVSS4.1AI score0.00127EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/22 6:17 p.m.8 views

CVE-2021-20862

Improper access control vulnerability in ELECOM routers WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior, WRC-1167GST2H firmware v1.25 and prior, WRC-2533GS2-B firmware v1.52 and prior, WRC-2533GS2-W firmware v1.52 and prior, WRC-1750GS firmware v1.03 and prior,...

4.3CVSS7.1AI score0.00372EPSS
Exploits0References1
OSV
OSV
added 2024/05/23 11:15 a.m.13 views

UBUNTU-CVE-2023-7045

A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11 before 16.11.3, from 17.0 before 17.0.1. By leveraging this vulnerability, an attacker could exfiltrate anti-CSRF tokens via the Kubernetes Agent Server KAS...

6.1CVSS5.8AI score0.00286EPSS
Exploits1References5
OSV
OSV
added 2024/05/23 11:2 a.m.165 views

CVE-2023-7045 Cross-Site Request Forgery (CSRF) in GitLab

A CSRF vulnerability exists within GitLab CE/EE from versions 13.11 before 16.10.6, from 16.11 before 16.11.3, from 17.0 before 17.0.1. By leveraging this vulnerability, an attacker could exfiltrate anti-CSRF tokens via the Kubernetes Agent Server KAS...

5.4CVSS6.1AI score0.00286EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/05/23 12:0 a.m.3 views

PT-2024-4184 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.11 through 16.10.5 GitLab CE/EE versions 16.11 through 16.11.2 GitLab CE/EE versions 17.0 through 17.0.0 Description: A CSRF vulnerability exists within GitLab CE/EE. By leveraging this vulnerability, an attacker coul...

6.1CVSS6.8AI score0.00286EPSS
Exploits1References13
Veracode
Veracode
added 2023/12/28 2:51 p.m.21 views

Cross Site Request Forgery

Concrete CMS is vulnerable to Cross Site Request Forgery. The vulnerability is due improper implementation of anti csrf tokens within the following endpoint /ccm/system/dialogs/logs/deleteall/submit. This issue can be exploited by an attacker by sending malicious url to the authenticated admin to...

4.3CVSS6.6AI score0.00227EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2023/09/20 4:15 p.m.15 views

Cross site request forgery (csrf)

The PaperCutNG Mobility Print version 1.0.3512 application allows an unauthenticated attacker to perform a CSRF attack on an instance administrator to configure the clients host in the "configure printer discovery" section. This is possible because the application has no protections against CSRF...

4.3CVSS6.4AI score0.00228EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder