Lucene search
K

2125 matches found

Prion
Prion
added 2023/10/10 9:15 a.m.16 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Mediavine Mediavine Control Panel plugin = 2.10.2 versions...

6.8CVSS8.7AI score0.00227EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/10 8:59 a.m.12 views

CVE-2023-44259 WordPress Mediavine Control Panel Plugin <= 2.10.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Mediavine Mediavine Control Panel plugin = 2.10.2 versions...

4.3CVSS7.1AI score0.00227EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/10/10 8:59 a.m.26 views

CVE-2023-44259 WordPress Mediavine Control Panel Plugin <= 2.10.2 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Mediavine Mediavine Control Panel plugin = 2.10.2 versions...

4.3CVSS9AI score0.00227EPSS
Exploits0References1
CVE
CVE
added 2023/10/10 8:59 a.m.46 views

CVE-2023-44259

CVE-2023-44259: Cross-Site Request Forgery in Mediavine Control Panel plugin for WordPress (versions

8.8CVSS6.5AI score0.00227EPSS
Exploits0References1Affected Software1
Microsoft KB
Microsoft KB
added 2023/10/10 7:0 a.m.974 views

Updates for Skype for Business Server 2019 (KB4470124)

Updates for Skype for Business Server 2019 KB4470124 This article specifies the applicability of Microsoft Skype for Business Server 2019 updates for each server role. Note: Skype for Business Server 2019, August 2025 update includes critical security updates for the Skype meetings application...

7.2CVSS7.8AI score0.90353EPSS
Exploits0
CNNVD
CNNVD
added 2023/10/10 12:0 a.m.3 views

WordPress Plugin Mediavine Control Panel Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site request forgery vulnerability exists in the...

8.8CVSS6.5AI score0.00227EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.5 views

PT-2023-29172 · Mediavine · Mediavine Control Panel

Name of the Vulnerable Software and Affected Versions: Mediavine Mediavine Control Panel plugin versions = 2.10.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the use...

8.8CVSS8.5AI score0.00227EPSS
Exploits0References3
OSV
OSV
added 2023/10/03 2:15 p.m.5 views

CVE-2023-0506

The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...

8.8CVSS5.8AI score0.00515EPSS
Exploits0References2
Prion
Prion
added 2023/10/03 2:15 p.m.14 views

Privilege escalation

The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...

6.5CVSS8.8AI score0.00515EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/03 1:12 p.m.7 views

CVE-2023-0506 ByDemes Group Airspace CCTV Web Service Improper Access Control

The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access...

8.8CVSS7.3AI score0.00515EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/03 12:0 a.m.4 views

PT-2023-16318 · Bydemes · Bydemes Group Airspace Cctv Web Service

Name of the Vulnerable Software and Affected Versions: ByDemes Group Airspace CCTV Web Service version 2.616.BY00.11 Description: The web service of ByDemes Group Airspace CCTV Web Service contains a privilege escalation issue, detected in the Camera Control Panel. This could allow a low-privileg...

8.8CVSS8.9AI score0.00515EPSS
Exploits0References6
Patchstack
Patchstack
added 2023/09/27 12:0 a.m.15 views

WordPress Mediavine Control Panel Plugin <= 2.10.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Mediavine Control Panel Type Plugin Vulnerable versions = 2.10.2 Fixed in 2.10.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-44259 Patch priority Low CVSS severity Low 4.3 Developer Mediavine PSID d5d78ea56f25 Credits Rio Darmawan...

8.8CVSS7AI score0.00227EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/09/20 9:15 p.m.4 views

CVE-2023-42321

Cross Site Request Forgery CSRF vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files...

8.8CVSS6.2AI score0.00364EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/09/20 12:0 a.m.14 views

CVE-2023-42321

Cross Site Request Forgery CSRF vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files...

9.2AI score0.00364EPSS
Exploits0References2
OSV
OSV
added 2023/09/16 1:15 a.m.3 views

CVE-2023-39777

A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...

5.4CVSS5.9AI score0.00386EPSS
Exploits1References1
NVD
NVD
added 2023/09/16 1:15 a.m.11 views

CVE-2023-39777

A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...

5.4CVSS5.4AI score0.00386EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/09/16 12:0 a.m.15 views

CVE-2023-39777

A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...

5.5AI score0.00386EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/09/16 12:0 a.m.14 views

CVE-2023-39777

A cross-site scripting XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0 allows attackers to execute arbitrary web scripts or HTML via the /login.php?do=login url parameter...

5.9AI score0.00386EPSS
Exploits1References1
CVE
CVE
added 2023/09/16 12:0 a.m.46 views

CVE-2023-39777

CVE-2023-39777 is a documented XSS vulnerability in the Admin Control Panel of vBulletin 5.7.5 and 6.0.0, exploitable via the /login.php?do=login URL parameter. The issue is caused by a cross-site scripting flaw that allows an attacker to run arbitrary web scripts or HTML in the context of an aff...

5.4CVSS5.3AI score0.00386EPSS
Exploits1References1Affected Software1
Kaspersky
Kaspersky
added 2023/09/12 12:0 a.m.51 views

KLA60565 Multiple vulnerabilities in Microsoft Azure

Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Identity Linux Broker can be exploited remotely ...

9.8CVSS8.3AI score0.02831EPSS
Exploits0References7
Rows per page
Query Builder