Lucene search
K

14 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-18580

Malware in sbrugna...

4.3CVSS4.9AI score0.00427EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 7:54 a.m.7 views

CVE-2024-42565

ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete...

9.8CVSS9.8AI score0.006EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:17 p.m.4 views

CVE-2020-25950

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.3CVSS7.1AI score0.00427EPSS
Exploits1
Patchstack
Patchstack
added 2024/09/12 10:34 a.m.4 views

WordPress Easy Property Listings plugin < 3.5.4 - Arbitrary Contact Deletion via CSRF vulnerability

Arbitrary Contact Deletion via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin Easy Property Listings versions 3.5.4...

4.3CVSS7AI score0.00214EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2024/09/12 6:15 a.m.18 views

CVE-2024-3163

The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack...

4.3CVSS0.00214EPSS
Exploits1References1
OSV
OSV
added 2024/09/12 6:15 a.m.2 views

CVE-2024-3163

The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack...

4.3CVSS5.8AI score0.00214EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/12 6:0 a.m.15 views

CVE-2024-3163 Easy Property Listings < 3.5.4 - Arbitrary Contact Deletion via CSRF

The Easy Property Listings WordPress plugin before 3.5.4 does not have CSRF check when deleting contacts in bulk, which could allow attackers to make a logged in admin delete them via a CSRF attack...

0.00214EPSS
Exploits1References1
Huntr
Huntr
added 2021/08/05 3:19 p.m.11 views

Cross-Site Request Forgery (CSRF) in tsolucio/corebos

✍️ Description Attacker able to delete any contact with CSRF attack because there is any CSRF protection for related endpoint. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the I...

1.5AI score
Exploits0
NVD
NVD
added 2021/01/08 7:15 a.m.14 views

CVE-2020-25950

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.3CVSS4.8AI score0.00427EPSS
Exploits1References1
OSV
OSV
added 2021/01/08 7:15 a.m.1 views

CVE-2020-25950

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.3CVSS5.8AI score0.00427EPSS
Exploits1References1
Prion
Prion
added 2021/01/08 7:15 a.m.8 views

Cross site request forgery (csrf)

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.3CVSS4.9AI score0.00427EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/01/08 6:54 a.m.14 views

CVE-2020-25950

Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery CSRF attacks that can delete a contact from the My Additional Contact page...

4.8AI score0.00427EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/06/13 12:0 a.m.23 views

Mautic <= 1.4.1 Multiple CSRF Vulnerabilities

Mautic is prone to multiple cross-site request forgery CSRF vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS8.8AI score0.00761EPSS
Exploits0References1
Prion
Prion
added 2009/09/08 10:30 a.m.10 views

Design/Logic Flaw

delquery1.php in Telephone Directory 2008 allows remote attackers to delete arbitrary contacts via a direct request with a modified id variable...

5CVSS7.3AI score0.0162EPSS
Exploits0References2
Rows per page
Query Builder