PT-2024-18677 · Unknown · Artica Proxy
Name of the Vulnerable Software and Affected Versions: The Artica Proxy administrative web application version 4.50
Description: The Artica Proxy administrative web application deserializes arbitrary PHP objects supplied by unauthenticated users, enabling code execution as the "www-data" user. Th...
CVE-2017-5264
Versions of Nexpose prior to 6.4.66 fail to adequately validate the source of HTTP requests intended for the Automated Actions administrative web application, and are susceptible to a cross-site request forgery (CSRF) attack...
Cross-site request forgery (CSRF)
Versions of Nexpose prior to 6.4.66 fail to adequately validate the source of HTTP requests intended for the Automated Actions administrative web application, and are susceptible to a cross-site request forgery (CSRF) attack...
Siemens SIPROTEC 4 and SIPROTEC Compact Vulnerabilities
OVERVIEW: Siemens reports that they have released a firmware update for SIPROTEC 4 and SIPROTEC Compact devices to mitigate authentication bypass and resource exhaustion vulnerabilities. Kirill Nesterov and Anatoly Katushin from Kaspersky Lab reported some of these vulnerabilities directly to...