Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2019/05/31 8:11 p.m.404 views

CVE-2019-9874

CVE-2019-9874 affects Sitecore CMS 7.0–7.2 and Sitecore XP 7.5–8.2 via the Sitecore.Security.AntiCSRF deserialization module. An unauthenticated attacker can trigger remote code execution by sending a serialized .NET object in the HTTP POST parameter __CSRFTOKEN**, exploiting untrusted data deser...

9.8CVSS9.7AI score0.87631EPSS
In wildExploits1References4Affected Software2
Cvelist
Cvelistadded 2019/05/31 8:11 p.m.13 views

CVE-2019-9874

Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF aka anti CSRF module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter CSRFTOKEN...

9.9AI score0.87631EPSS
Exploits1References3
OSV
OSVadded 2018/09/11 1:29 p.m.8 views

CVE-2018-16832

CSRF in the anti-csrf decorator in xunfeng 0.2.0 allows an attacker to modify the configuration via a Flash file because views/lib/AntiCSRF.py can overwrite the request.host value with the content of the X-Forwarded-Host HTTP header...

6.5CVSS7.8AI score
Exploits0References1
Rows per page
Query Builder