6 matches found
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...
CVE-2024-45372
The CVE-2024-45372 issue affects PLANEX MZK-DP300N firmware versions 1.04 and earlier. It is a cross-site request forgery (CSRF) vulnerability in the web management page that can cause a logged-in user viewing a malicious page to perform unintended operations, such as changing the login password....
CVE-2024-45372
MZK-DP300N firmware versions 1.04 and earlier contains a cross-site request forger vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the user to perform unintended operations such as changing the login password, etc...
CVE-2023-29020 Cross site request forgery token fixation in fastify-passport
@fastify/passport is a port of passport authentication library for the Fastify ecosystem. The CSRF Cross-Site Request Forger protection enforced by the @fastify/csrf-protection library, when combined with @fastify/passport in affected versions, can be bypassed by network and same-site attackers...
Moodle < 1.8.11 / 1.9.x < 1.9.7 Multiple Vulnerabilities
Binary data 5257.prm...