2125 matches found
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Mediavine Mediavine Control Panel plugin = 2.10.2 versions...
CVE-2023-44259 WordPress Mediavine Control Panel Plugin <= 2.10.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Mediavine Mediavine Control Panel plugin = 2.10.2 versions...
CVE-2023-44259 WordPress Mediavine Control Panel Plugin <= 2.10.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Mediavine Mediavine Control Panel plugin = 2.10.2 versions...
CVE-2023-44259
CVE-2023-44259: Cross-Site Request Forgery in Mediavine Control Panel plugin for WordPress (versions
Updates for Skype for Business Server 2019 (KB4470124)
Updates for Skype for Business Server 2019 KB4470124 This article specifies the applicability of Microsoft Skype for Business Server 2019 updates for each server role. Note: Skype for Business Server 2019, August 2025 update includes critical security updates for the Skype meetings application...
WordPress Plugin Mediavine Control Panel Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...
PT-2023-29172 · Mediavine · Mediavine Control Panel
Name of the Vulnerable Software and Affected Versions: Mediavine Mediavine Control Panel plugin versions = 2.10.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the use...
CVE-2023-0506
The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...
Privilege escalation
The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...
CVE-2023-0506 ByDemes Group Airspace CCTV Web Service Improper Access Control
The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...
PT-2023-16318 · Bydemes · Bydemes Group Airspace Cctv Web Service
Name of the Vulnerable Software and Affected Versions: ByDemes Group Airspace CCTV Web Service version 2.616.BY00.11 Description: The web service of ByDemes Group Airspace CCTV Web Service contains a privilege escalation issue, detected in the Camera Control Panel. This could allow a low-privileg...
WordPress Mediavine Control Panel Plugin <= 2.10.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software Mediavine Control Panel Type Plugin Vulnerable versions = 2.10.2 Fixed in 2.10.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-44259 Patch priority Low CVSS severity Low 4.3 Developer Mediavine PSID d5d78ea56f25 Credits Rio Darmawan...
CVE-2023-42321
Cross Site Request Forgery CSRF vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files...
CVE-2023-42321
Cross Site Request Forgery CSRF vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39777
A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...
CVE-2023-39777
CVE-2023-39777 is a documented XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0, exploitable via the /login.php?do=login URL parameter. The issue is caused by a cross-site scripting flaw that allows an attacker to run arbitrary web scripts or HTML in the context of an aff...
KLA60565 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Identity Linux Broker can be exploited remotely ...