Lucene search
K

8 matches found

CVE
CVE
added 2026/04/23 2:56 p.m.11 views

CVE-2026-40471

CVE-2026-40471 affects the Hackage hackage-server where CSRF protection was lacking across endpoints. This could allow forged requests from scripts on foreign sites to abuse latent credentials, potentially uploading packages or performing administrative actions, with some unauthenticated actions ...

9.6CVSS5.8AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:54 a.m.9 views

CVE-2017-8930

Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...

8.8CVSS7.7AI score0.00718EPSS
Exploits0References1
OSV
OSV
added 2022/06/16 6:15 p.m.4 views

CVE-2022-31294

An issue in the saveusers function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts...

6.5CVSS5.8AI score0.00818EPSS
Exploits2References2
BDU FSTEC
BDU FSTEC
added 2020/09/09 12:0 a.m.7 views

The vulnerability of the Windows Media Foundation component of the Windows operating system allows attackers to gain privileges to install programs, view, modify, or delete data, as well as create new user accounts with full user rights.

The vulnerability of the Windows Media Foundation component in the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain privileges to install programs, view, modify, or delete data, and create...

7.8CVSS7.4AI score0.03463EPSS
Exploits0References3
OSV
OSV
added 2020/03/04 7:15 p.m.4 views

CVE-2020-3148

A vulnerability in the web-based interface of Cisco Prime Network Registrar CPNR could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections in the web-based interface. An...

7.1CVSS7AI score0.005EPSS
Exploits0References1
CNVD
CNVD
added 2016/10/13 12:0 a.m.9 views

Cisco Unified Intelligence Center Security Mechanism Bypass Vulnerability

Cisco Unified Intelligence Center is the management center for Cisco's Unified Communications system. A security mechanism bypass vulnerability exists in Cisco Unified Intelligence Center that could be exploited by a remote attacker to create user accounts by submitting a special request...

7.5CVSS6.9AI score0.01301EPSS
Exploits0References1
CNVD
CNVD
added 2016/02/23 12:0 a.m.5 views

Cisco Spark REST Interface Access Bypass Vulnerability

Cisco Spark is a collaboration services solution. A security vulnerability in the REST interface of Cisco Spark allows remote attackers to bypass established access restrictions by sending web requests to create arbitrary user accounts...

7.5CVSS7AI score0.01256EPSS
Exploits0References1
OSV
OSV
added 2016/02/12 1:59 a.m.8 views

CVE-2016-1322

The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584...

7.5CVSS5.9AI score0.01256EPSS
Exploits0References1
Rows per page
Query Builder