PT-2026-20516

MajorDoMo aka Major Domestic Module is vulnerable to unauthenticated remote code execution through supply chain compromise via update URL poisoning. The saverestore module exposes its admin method through the /objects/?module=saverestore endpoint without authentication because it uses gr'mode'...

CVE-2014-0835

Cross-site request forgery CSRF vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify console Auto Update settings...

CVE-2014-0835

IBM QRadar SIEM (7.2 MR1 and earlier) is affected by CVE-2014-0835, a Cross-Site Request Forgery that allows an attacker to hijack administrator authentication to modify Auto Update settings. The root cause centers on unauthorized changes to AutoUpdate configuration via CSRF without authenticatio...

CVE-2014-0835

Cross-site request forgery CSRF vulnerability in IBM Security QRadar SIEM 7.2 MR1 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify console Auto Update settings...