19 matches found
CVE-2026-40928
WWBN AVideo (versions ≤ 29.0) exposes state-changing JSON endpoints under objects/ without CSRF protection or origin/referer checks. A logged-in user can be coerced to perform actions via attacker-controlled HTML: like/dislike comments (objects/comments_like.json.php), post comments with attacker...
WWBN AVideo: Missing CSRF Protection on State-Changing JSON Endpoints Enables Forced Comment Creation, Vote Manipulation, and Category Asset Deletion
Summary Multiple AVideo JSON endpoints under objects/ accept state-changing requests via $REQUEST/$GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious page visited by a logged-in victim can silently: 1. Cast/flip the...
EUVD-2026-22047
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...
CVE-2026-40041
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...
CVE-2026-40041
CVE-2026-40041 affects Pachno 1.0.6 and describes a cross-site request forgery (CSRF) vulnerability arising from missing CSRF protections on state-changing endpoints. Attackers can craft requests that execute actions in an authenticated user context via attacker-controlled sites, targeting login,...
CVE-2026-40041 Pachno 1.0.6 Cross-Site Request Forgery via State-Changing Endpoints
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...
CVE-2026-40041
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...
PT-2026-32495
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload,...
CVE-2026-31849
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing endpoints such as /goform/setSysTools and other administrative interfaces. As a result, an attacker can craft malicious web requests that are executed in the context of an...
CVE-2026-31849 Missing CSRF Protection on Administrative Endpoints in Nexxt Nebula 300+
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement CSRF protections on state-changing endpoints such as /goform/setSysTools and other administrative interfaces. As a result, an attacker can craft malicious web requests that are executed in the context of an...
Talishar 跨站请求伪造漏洞
Talishar is an open-source game client developed by Talishar. Talishar has a cross-site request forgery vulnerability, which stems from the lack of cross-site request forgery protection on key state-changing endpoints. This vulnerability may allow unauthorized operations to occur...
CVE-2026-25812 PlaciPy is Missing CSRF Protection on State-Changing Endpoints
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application enables credentialed CORS requests but does not implement any CSRF protection mechanism...
CVE-2026-25812 PlaciPy is Missing CSRF Protection on State-Changing Endpoints
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application enables credentialed CORS requests but does not implement any CSRF protection mechanism...
CVE-2026-25812
PlaciPy (version 1.0.0) exposes credentialed CORS and lacks CSRF protection on state-changing endpoints. The connected sources confirm this core issue but do not supply a remediation, exploit details, or vendor-specific mitigations. Practical impact: potential CSRF-style abuse where authenticated...
CVE-2026-25812 PlaciPy is Missing CSRF Protection on State-Changing Endpoints
PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, the application enables credentialed CORS requests but does not implement any CSRF protection mechanism...
EUVD-2025-201708
Some endpoints in vulnerability-lookup that modified application state e.g. changing database entries, user data, configurations, or other privileged actions may have been accessible via HTTP GET requests without requiring a CSRF token. This flaw leaves the application vulnerable to Cross-Site...
CVE-2025-42616
CVE-2025-42616 concerns Vulnerability-Lookup prior to 2.18.0 where certain endpoints could change state (e.g., database entries, user data, configurations) via HTTP GET requests without CSRF protection. This allowed CSRF-style abuse under an authenticated session, potentially enabling privilege e...
UnoPim vulnerable to CSRF on Product edit feature and creation of other types
Summary Some of the endpoints of the application is vulnerable to Cross site Request forgery CSRF. | Method | Endpoint | Status | Reason | |:------:|:------:|:------:|:------:| | POST | /admin/catalog/products/create | Not Vulnerable :whitecheckmark: | X-XSRF-TOKEN header used | | GET |...
Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2
CSRF Set 1 modify invoice status Medium severity Description CSRF in saving invoices / modifying status of invoices pending and cancel only Proof of Concept The following state-changing endpoints are vulnerable to CSRF GET...