8 matches found
CVE-2026-40471
CVE-2026-40471 affects the Hackage hackage-server where CSRF protection was lacking across endpoints. This could allow forged requests from scripts on foreign sites to abuse latent credentials, potentially uploading packages or performing administrative actions, with some unauthenticated actions ...
CVE-2017-8930
Multiple cross-site request forgery CSRF vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can 1 create new administrator user accounts and take over the entire application, 2 create regular user accounts, or 3 change...
CVE-2022-31294
An issue in the saveusers function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts...
The vulnerability of the Windows Media Foundation component of the Windows operating system allows attackers to gain privileges to install programs, view, modify, or delete data, as well as create new user accounts with full user rights.
The vulnerability of the Windows Media Foundation component in the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain privileges to install programs, view, modify, or delete data, and create...
CVE-2020-3148
A vulnerability in the web-based interface of Cisco Prime Network Registrar CPNR could allow an unauthenticated, remote attacker to conduct a cross-site request forgery CSRF attack on an affected system. The vulnerability is due to insufficient CSRF protections in the web-based interface. An...
Cisco Unified Intelligence Center Security Mechanism Bypass Vulnerability
Cisco Unified Intelligence Center is the management center for Cisco's Unified Communications system. A security mechanism bypass vulnerability exists in Cisco Unified Intelligence Center that could be exploited by a remote attacker to create user accounts by submitting a special request...
Cisco Spark REST Interface Access Bypass Vulnerability
Cisco Spark is a collaboration services solution. A security vulnerability in the REST interface of Cisco Spark allows remote attackers to bypass established access restrictions by sending web requests to create arbitrary user accounts...
CVE-2016-1322
The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID CSCuv72584...