386 matches found
ABB多款产品 数据伪造问题漏洞
ABB Relion Protection Relays and others are products of ABB Switzerland.ABB Relion Protection Relays are a compact, multifunctional solution for utility and industrial power distribution systems.ABB REX610 is a flexibly configurable all-in-one protection relay.ABB REX615 is ABB REX615 is a flexib...
CVE-2024-46362
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/plugin/filemanager/createdirectory...
CVE-2024-46362
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/plugin/filemanager/createdirectory...
CVE-2024-46085
FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/plugin/filemanager/rename...
CVE-2024-46362
CVE-2024-46362 – FrogCMS v0.9.5 CSRF flaw : The Red Hat/NVD/NVD-linked entries describe a Cross‑Site Request Forgery vulnerability exploitable via the endpoint /admin/?/plugin/file_manager/create_directory in FrogCMS 0.9.5. The underlying issue is CSRF that could allow an attacker to perform unau...
CVE-2024-42607
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/adminbackup.php?dobackup=database...
CVE-2024-42608
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/submitpage.php...
CVE-2024-42618
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /module.php?module=karma...
CVE-2024-42605
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/editpage.php?linkid=1...
Microsoft Teams 数据伪造问题漏洞
Microsoft Teams is a software for online meetings, chat, and cloud storage capabilities from Microsoft USA. A data forgery issue vulnerability exists in Microsoft Teams version 24046.2813.2770.1094, which stems from a specially crafted library in the macOS version that can be exploited to gain...
Microsoft Windows Print Spooler Components 数据伪造问题漏洞
Microsoft Windows Print Spooler Components is a printing backend handler component from Microsoft Corporation USA. A data forgery vulnerability exists in Microsoft Windows Print Spooler Components. An attacker could exploit the vulnerability to elevate privileges. The following products and...
CVE-2024-42624
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/page/delete/10...
CVE-2024-42630
CVE-2024-42630 affects FrogCMS v0.9.5 with a Cross-Site Request Forgery (CSRF) in the admin file manager create_file endpoint: /admin/?/plugin/file_manager/create_file. Root cause is CSRF in the file management API, requiring user interaction for exploitation. Impact is high (confidentiality, int...
CVE-2024-42623
FrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/?/layout/delete/1...
Important: freeradius
Issue Overview: RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can modify any valid Response Access-Accept, Access-Reject, or Access-Challenge to any other response using a chosen-prefix collision attack against MD5 Response Authenticator signature...
WordPress CM Email Registration Blacklist and Whitelist plugin < 1.4.9 - Add/Delete Emails via CSRF Add and delete any item from blacklist/whitelist vulnerability
Add/Delete Emails via CSRF Add and delete any item from blacklist/whitelist vulnerability discovered by Felipe Caon in WordPress Plugin CM Email Registration Blacklist and Whitelist versions 1.4.9...
CVE-2024-40332
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/moneyRecorddeal.php?mudi=delRecord...
CVE-2024-40328
CVE-2024-40328 affects idccms v1.35 and is a Cross-Site Request Forgery (CSRF) vulnerability exposed via /admin/memberOnline_deal.php?mudi=del&dataType=&dataID=6. Public sources (NVD, Red Hat, CNNVD, CVE list, etc.) describe the issue and confirm the affected product, with CVSSv3.1 base score 6.3...
CVE-2024-40039
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/userGroupdeal.php?mudi=del...
CVE-2024-40039
idccms v1.35 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/userGroupdeal.php?mudi=del...