164 matches found
pajbot 跨站请求伪造漏洞
pajbot is a software application. A twitch chatbot. A cross-site request forgery vulnerability exists in versions prior to Pajbot 1.52, which stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could exploit the vulnerability to...
IBM FileNet Content Manager 跨站请求伪造漏洞
IBM FileNet Content Manager is a content management solution for the FileNet P8 platform from IBM USA. The solution combines document management with ready-to-use workflow tools to manage images, video, Web content, compliance documents, and more. IBM FileNet Content Manager suffers from a...
IBM Security Verify Information Queue 跨站请求伪造漏洞
IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. A cross-site request forgery vulnerability exists in IBM Security Verify Information Queue. An attacker could exploit...
Owncloud ownCloud 跨站请求伪造漏洞
Owncloud ownCloud is a set of personal cloud storage solutions from the American company ownCloud Owncloud. A cross-site request forgery vulnerability exists in OwnCloud Core, which stems from a WEB application that does not adequately validate whether a request is coming from a trusted user, and...
CVE-2020-4827
IBM API Connect 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.13 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 189841...
IBM Cloud Pak System Cross-Site Request Forgery Vulnerability (CNVD-2021-01065)
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site request forgery vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit this vulnerability to perform malicious and unauthorized actions...
IBM Cloud Pak System 跨站请求伪造漏洞
IBM Cloud Pak System is a full-stack, converged infrastructure with configurable, pre-integrated software from IBM USA. A cross-site request forgery vulnerability exists in IBM Cloud Pak System 2.3. An attacker could exploit this vulnerability to perform malicious and unauthorized actions...
Esri Arcgis Server 代码问题漏洞
Esri Arcgis Server is the United States Esri company's a Web-oriented can be used to provide geographic location services, enterprise-class software platform. A security vulnerability exists in Esri ArcGIS Server versions prior to 10.8, which stems from a configuration that does not adequately...
IBM Planning Analytics Cross-Site Request Forgery Vulnerability (CNVD-2020-74626)
IBM Planning Analytics is a planning, budgeting, forecasting and analytics solution. A cross-site request forgery vulnerability exists in IBM Planning Analytics 2.0. An attacker could exploit this vulnerability to perform malicious and unauthorized actions transmitted from a user trusted by the...
Red Hat CloudForms Cross-Site Request Forgery Vulnerability
Red Hat CloudForms is a hybrid infrastructure management platform from Red Hat, Inc. The platform provides deployment, management, and other capabilities across virtual machines, clouds, containers, and physical infrastructure. Red Hat CloudForms suffers from a cross-site request forgery...
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) Cross-Site Request Forgery Vulnerability
Trend Micro InterScan Messaging Security Virtual Appliance IMSVA is an appliance for securing communications from Trend Micro. The Trend Micro InterScan Messaging Security Virtual Appliance IMSVA suffers from a cross-site request forgery vulnerability that arises from a web application that does...
IBM Data Risk Manager Cross-Site Request Forgery Vulnerability
IBM Data Risk Manager is a data risk manager that helps discover, analyze and visualize business risks associated with data. A cross-site request forgery vulnerability exists in IBM Data Risk Manager 2.0.6. An attacker could exploit this vulnerability to perform malicious and unauthorized actions...
IBM Security Guardium Insights Cross-Site Request Forgery Vulnerability
IBM Security Guardium Insights is a modern hybrid cloud data security hub designed to provide a reliable view of an organization's data security and compliance posture. A cross-site request forgery vulnerability exists in IBM Security Guardium Insights 2.0.1. An attacker could exploit this...
McAfee Data Loss Prevention ePO extension Cross-Site Request Forgery Vulnerability
McAfee Data Loss Prevention Endpoint DLPe is an integrated endpoint data protection solution from McAfee, Inc. that prevents theft and accidental disclosure of confidential data and provides security policies for file processing and transmission, shared data flow control and data encryption. The...
Automattic WooCommerce Cross-Site Request Forgery Vulnerability
Automattic WooCommerce is the United States Automattic company's set of open source e-commerce platform based on WordPress . A cross-site request forgery vulnerability exists in Automattic WooCommerce versions prior to 3.6.5. The vulnerability stems from the WEB application not adequately verifyi...
CVE-2020-4286
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176268...
Cross-Site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2020-28139)
The NETGEAR WAC505 and others are a wireless access point AP from NETGEAR. A cross-site request forgery vulnerability exists in multiple NETGEAR products, which stems from a WEB application that does not adequately validate that a request is coming from a trusted user, and can be exploited by an...
Cross-site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2021-59156)
NETGEAR JNR1010 and others are a wireless router from NETGEAR USA. A cross-site request forgery vulnerability exists in multiple NETGEAR products. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user. An attacker could use the...
Cross-site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2021-59162)
NETGEAR WAC505 and others are a wireless access point AP from NETGEAR, Inc. A cross-site request forgery vulnerability exists in several NETGEAR products. The vulnerability stems from the WEB application not adequately verifying that the request is from a trusted user. An attacker could use the...
Cross-Site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2020-31321)
The NETGEAR R7500, among others, is a wireless router from NETGEAR. A cross-site request forgery vulnerability exists in a number of NETGEAR products. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user, and can be exploite...