Lucene search
+L

5 matches found

ATTACKERKB
ATTACKERKB
added 2026/07/06 9:8 p.m.3 views

CVE-2026-34050

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the Settings/Updates Livewire component does not check isInstanceAdmin in its mount method, allowing non-admin users to access the Updates settings page and potentially...

6.5CVSS5.9AI score0.00213EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/18 12:0 a.m.16 views

PT-2026-20516

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin method through the /objects/?module=saverestore endpoint without authentication because it uses gr'mode'...

9.8CVSS6.8AI score0.01086EPSS
Exploits4References3
NVD
NVD
added 2014/01/30 5:17 a.m.19 views

CVE-2014-0835

Cross-site request forgery CSRF vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify console Auto Update settings...

6.8CVSS6.9AI score0.00711EPSS
Exploits0References7
Cvelist
Cvelist
added 2014/01/30 2:0 a.m.24 views

CVE-2014-0835

Cross-site request forgery CSRF vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify console Auto Update settings...

6.9AI score0.00711EPSS
Exploits0References7
CVE
CVE
added 2014/01/30 2:0 a.m.56 views

CVE-2014-0835

IBM QRadar SIEM (7.2 MR1 and earlier) is affected by CVE-2014-0835, a Cross-Site Request Forgery that allows an attacker to hijack administrator authentication to modify Auto Update settings. The root cause centers on unauthorized changes to AutoUpdate configuration via CSRF without authenticatio...

6.8CVSS7.1AI score0.00711EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder