MiracleLinux 4 : ipa-2.1.3-9.0.1.AXS4 (AXSA:2012-370:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-370:01 advisory. IPA is an integrated solution to provide centrally managed Identity machine, user, virtual machines, groups, authentication credentials, Policy configuration...

CVE-2021-20851

Cross-site request forgery CSRF vulnerability in Browser and Operating System Finder versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of an administrator via unspecified vectors...

CVE-2010-4519

Multiple cross-site request forgery CSRF vulnerabilities in the Views UI implementation in the Views module 5.x before 5.x-1.8 and 6.x before 6.x-2.11 for Drupal allow remote attackers to hijack the authentication of administrators for requests that 1 enable all Views or 2 disable all Views...

SUSE CVE-2016-1607

Multiple cross-site request forgery CSRF vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request...

CVE-2021-20851

Cross-site request forgery CSRF vulnerability in Browser and Operating System Finder versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of an administrator via unspecified vectors...

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Currency Switcher plugin 1.1.6 and prior...

Netgear Gs108ev3 跨站请求伪造漏洞

The GS108Ev3 is an 8-port Gigabit Simple Managed Switch from NETGEAR. A cross-site request forgery vulnerability exists in the NETGEAR GS108Ev3 2.06.10 and earlier firmware versions, which can be exploited by a remote attacker to hijack an administrator's authentication and change the product's...

CVE-2020-5611

Cross-site request forgery CSRF vulnerability in Social Sharing Plugin versions prior to 1.2.10 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVE-2015-5595

Cross-site request forgery CSRF vulnerability in admin.php in Zenphoto before 1.4.9 allows remote attackers to hijack the authentication of admin users for requests that may cause a denial of service resource consumption...

CVE-2017-11455

diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators for requests to start tcpdump, related to the lack of anti-CS...

DEBIAN-CVE-2015-3902

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...

CVE-2015-0985

Cross-site request forgery CSRF vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that modify the default user's password via a GET request...

SyndeoCMS Cross-Site Request Forgery Vulnerability

SyndeoCMS is a content management system for elementary schools. A cross-site request forgery vulnerability exists in SyndeoCMS 3.0 and prior versions that allows remote attackers to hijack the authentication of an administrator's request to add a user account, saveuser...

CVE-2013-7352

Cross-site request forgery CSRF vulnerability in blogs/admin.php in b2evolution before 4.1.7 allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the showstatuses parameter, related to CVE-2013-2945...

CVE-2013-5355

Multiple cross-site request forgery CSRF vulnerabilities in Sharetronix 3.1.1 allow remote attackers to hijack the authentication of administrators for requests that 1 change configuration settings or 2 create new administrative users via unspecified vectors...

DEBIAN-CVE-2011-2522

Multiple cross-site request forgery CSRF vulnerabilities in the Samba Web Administration Tool SWAT in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that 1 shut down daemons, 2 start daemons, 3 add shares, 4 remove shares, 5 add printers...

CVE-2010-2282

The CVE-2010-2282 entry describes a Cross-site Request Forgery (CSRF) vulnerability in TomatoCMS 2.0.6. The issue allows remote attackers to hijack the authentication of administrators by issuing requests that change the administrative password. The connected sources confirm the affected software...