Lucene search
K

49 matches found

CNVD
CNVD
added 2019/04/08 12:0 a.m.2 views

UKcms Cross-Site Request Forgery Vulnerability

Lingji Network Technology UKcms is a PHP-based content management system CMS by China Lingji Network Technology. A cross-site request forgery vulnerability exists in UKcms v1.1.10, which originates from a WEB application that does not adequately validate whether a request comes from a trusted use...

8.8CVSS6.9AI score0.00554EPSS
Exploits1References1
CNVD
CNVD
added 2019/02/11 12:0 a.m.2 views

WSD-T13 Cloud Storage Camera (Android client) suffers from an override access vulnerability (CNVD-2019-06647)

Ltd. is an enterprise specializing in the research and development, production, sales and service of security monitoring products. WSD-T13 Cloud Storage Camera Android client suffers from an overstepping access vulnerability. The vulnerability is due to the server on the client request data...

7.1AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/01/18 12:0 a.m.15 views

The vulnerability of the remote procedure call handler “arpc_Span” in the atlcore_.dll library of the resource management system of the Galaktika ERP system allows a malicious actor to read data from the memory of the server process.

The vulnerability of the process handler for remote procedure calls in the “arpcSpan” module of the atlcore.dll library of the resource management system of the Galaktika ERP system is related to the lack of validation for the correctness of received requests. Exploiting this vulnerability allows...

4.3CVSS5.5AI score
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2018/09/21 12:0 a.m.7 views

PT-2018-12689 · Webpack · Webpack-Dev-Server

Name of the Vulnerable Software and Affected Versions: webpack-dev-server versions prior to 3.1.10 webpack-dev-server versions prior to 3.1.6 Description: An issue in the WebSocket server used for Hot Module Replacement HMR allows attackers to steal a developer's source code because the origin of...

7.5CVSS7.4AI score0.02534EPSS
Exploits1References12
Exploit DB
Exploit DB
added 2018/05/21 12:0 a.m.26 views

Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery

input type="hidden" name="pw2" value="P@ss...

7.4AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/03/16 12:0 a.m.6 views

The vulnerability of the Citrix NetScaler delivery mechanism, related to insufficient validation of incoming requests, allows a attacker to execute arbitrary commands with root privileges.

The vulnerability of the Citrix NetScaler web application delivery mechanism lies in insufficient validation of incoming requests. Exploiting this vulnerability allows a malicious actor, operating remotely with webapp privileges, to gain access to the nsroot account and execute arbitrary commands...

9CVSS5.8AI score0.03138EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2017/02/24 12:0 a.m.1 views

SonicDICOM PACS Cross-Site Request Forgery Vulnerability

SonicDICOM is a PACS software from JIUN Corporation that combines the functionality of DICOM with a web browser based on DICOM Viewer. A cross-site request forgery vulnerability exists in SonicDICOM. The application program interface allows a user to perform certain actions via an HTTP request...

6.8AI score
Exploits0References1
CNVD
CNVD
added 2016/12/05 12:0 a.m.2 views

Moxa NPort Cross-Site Request Forgery Vulnerability

MOXA Nport is a serial communication server. A cross-site request forgery vulnerability exists in Moxa NPort. An attacker can exploit the vulnerability to launch a cross-site request attack because a user-submitted request is not validated...

8.8CVSS6.9AI score0.00642EPSS
Exploits0References1
Prion
Prion
added 2006/05/24 1:2 a.m.20 views

Authentication flaw

Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic...

7.5CVSS7.1AI score0.01704EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder