Lucene search
K

63 matches found

NVD
NVD
added 2024/01/12 3:15 p.m.15 views

CVE-2023-51949

Verydows v2.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /protected/controller/backend/rolecontroller...

8.8CVSS8.9AI score0.00286EPSS
Exploits1References1
Prion
Prion
added 2024/01/12 3:15 p.m.13 views

Cross site request forgery (csrf)

Verydows v2.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /protected/controller/backend/rolecontroller...

6.8CVSS7.8AI score0.00286EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/01/12 12:0 a.m.3 views

Verydows Cross-Site Request Forgery Vulnerability

Verydows is a lightweight open source e-commerce management system developed in PHP. Verydows v2.0 version exists cross-site request forgery vulnerability , the vulnerability stems from the component /protected/controller/backend/rolecontroller contains cross-site request forgery...

8.8CVSS6.8AI score0.00286EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/01/12 12:0 a.m.21 views

CVE-2023-51949

Verydows v2.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /protected/controller/backend/rolecontroller...

9AI score0.00286EPSS
Exploits1References1
CVE
CVE
added 2024/01/12 12:0 a.m.34 views

CVE-2023-51949

Verydows v2.0 is affected by a Cross-Site Request Forgery (CSRF) vulnerability in the component /protected/controller/backend/role_controller. These sources (NVD, Red Hat, CNNVD, PRiON/PT-Security, CVE list, etc.) consistently describe CSRF via that path, with CVSS v3.1 base score 8.8 (HIGH) and ...

8.8CVSS8.8AI score0.00286EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/12 12:0 a.m.5 views

PT-2024-14335 · Verydows · Verydows

Name of the Vulnerable Software and Affected Versions: Verydows version 2.0 Description: The issue is related to a Cross-Site Request Forgery CSRF in the /protected/controller/backend/role controller component. This allows for unauthorized actions to be performed on behalf of a user without their...

8.8CVSS8.6AI score0.00286EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/01/12 12:0 a.m.4 views

CVE-2023-51949

Verydows v2.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /protected/controller/backend/rolecontroller...

8.9AI score0.00286EPSS
Exploits1References1
NVD
NVD
added 2023/05/09 4:15 p.m.17 views

CVE-2020-23363

Cross Site Request Forgery CSRF vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script...

8.8CVSS8.9AI score0.00378EPSS
Exploits1References1
Prion
Prion
added 2023/05/09 4:15 p.m.13 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script...

6.8CVSS8.8AI score0.00378EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/05/09 12:0 a.m.5 views

Verydows 跨站请求伪造漏洞

Verydows is a lightweight open source e-commerce management system developed using the PHP language. Verytops Verydows suffers from a security vulnerability that stems from the presence of a cross-site request forgery CSRF vulnerability, which allows an attacker to execute arbitrary code via a...

8.8CVSS8.3AI score0.00378EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/05/09 12:0 a.m.19 views

CVE-2020-23363

Cross Site Request Forgery CSRF vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script...

8.9AI score0.00378EPSS
Exploits1References1
CVE
CVE
added 2023/05/09 12:0 a.m.45 views

CVE-2020-23363

CVE-2020-23363 concerns a Cross-Site Request Forgery (CSRF) vulnerability in Verytops Verydows, reported to affect all versions and potentially allow an attacker to execute arbitrary code via a crafted script. The provided connected documents do not contain concrete technical details such as affe...

8.8CVSS8.8AI score0.00378EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/09 12:0 a.m.7 views

CVE-2020-23363

Cross Site Request Forgery CSRF vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script...

8.9AI score0.00378EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/04/26 9:15 p.m.2 views

CVE-2022-28059

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\databasecontroller.php...

8.1CVSS6AI score0.01171EPSS
Exploits1References3
OSV
OSV
added 2022/04/26 9:15 p.m.2 views

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

8.1CVSS7.4AI score0.01171EPSS
Exploits1References2
NVD
NVD
added 2022/04/26 9:15 p.m.16 views

CVE-2022-28059

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\databasecontroller.php...

8.1CVSS0.01171EPSS
Exploits1References2
NVD
NVD
added 2022/04/26 9:15 p.m.19 views

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

8.1CVSS0.01171EPSS
Exploits1References2
OSV
OSV
added 2022/04/26 9:15 p.m.2 views

CVE-2022-28059

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\databasecontroller.php...

8.1CVSS5.9AI score0.01171EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/26 9:15 p.m.2 views

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

8.1CVSS6AI score0.01171EPSS
Exploits1References3
Prion
Prion
added 2022/04/26 9:15 p.m.14 views

Arbitrary file deletion

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

5.5CVSS8.2AI score0.01171EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder