14 matches found
EUVD-2020-18580
Malware in sbrugna...
CVE-2024-42565
ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete...
CVE-2020-25950
Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...
WordPress Easy Property Listings plugin < 3.5.4 - Arbitrary Contact Deletion via CSRF vulnerability
Arbitrary Contact Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Easy Property Listings versions 3.5.4...
CVE-2024-3163
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack...
CVE-2024-3163
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack...
CVE-2024-3163 Easy Property Listings < 3.5.4 - Arbitrary Contact Deletion via CSRF
The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack...
Cross-Site Request Forgery (CSRF) in tsolucio/corebos
✍️ Description Attacker able to delete any contact with CSRF attack because there is any CSRF protection for related endpoint. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the I...
CVE-2020-25950
Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...
CVE-2020-25950
Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...
Cross site request forgery (csrf)
Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...
CVE-2020-25950
Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...
Mautic <= 1.4.1 Multiple CSRF Vulnerabilities
Mautic is prone to multiple cross-site request forgery CSRF vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
delquery1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable...