57 matches found
Debian: Security Advisory (DSA-1976-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-20073
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries...
CVE-2021-20073
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries...
[SECURITY] [DLA 1975-1] spip security update
Package : spip Version : 3.0.17-2+deb8u5 CVE ID : CVE-2019-16391 CVE-2019-16392 CVE-2019-16393 CVE-2019-16394 It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries...
Debian: Security Advisory (DSA-4532-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4532-1 : spip - security update
It was discovered that SPIP, a website engine for publishing, would allow unauthenticated users to modify published content and write to the database, perform cross-site request forgeries, and enumerate registered users. C Tenable Network Security, Inc. The descriptive text and package checks in...
[SECURITY] [DSA 4532-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4532-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 25, 2019 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4532-1] spip security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4532-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 25, 2019 https://www.debian.org/security/faq -...
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities + Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-SEPM-MULTIPLE-VULNS.txt + ISR: ApparitionSec Vendor: ================ www.symantec.com Product:...
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-SEPM-MULTIPLE-VULNS.txt + ISR: ApparitionSec Vendor: ================ www.symantec.com Product: =========== SEPM Symantec Endpoint Protection Manager and client v12.1...
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications + Credits: John Page aka HYP3RLINX + ISR: ApparitionSec Vendor: ================ www.symantec.com Product: =========== SEPM Symantec Endpoint Protection Manager and client v12.1 SEPM provides a centrally managed solution. It handles security...
sNews CMS 1.7.1 - Multiple Vulnerabilities
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SNEWS-RCE-CSRF-XSS.txt + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent...
sNews CMS 1.7.1 - Multiple Vulnerabilities
sNews CMS 1.7.1 - Multiple Vulnerabilities + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SNEWS-RCE-CSRF-XSS.txt + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type:...
sNews CMS 1.7.1 - Multiple Vulnerabilities
Exploit for php platform in category web applications + Credits: hyp3rlinx + ISR: APPARITIONSEC Vendor: ============ snewscms.com Product: ================ sNews CMS v1.7.1 Vulnerability Type: =================================== Persistent Remote Command Execution Cross Site Request Forgeries CSR...
HP Network Automation Multiple Remote Vulnerabilities (HPSBMU03264)
The version of HP Network Automation running on the remote host is affected by multiple vulnerabilities in the administrative web interface. These vulnerabilities include multiple cross-site request forgeries, cross-site scripting, and clickjacking vulnerabilities. An unauthenticated, remote...
Ubiquiti Inc.: UniFi v3.2.10 Cross-Site Request Forgeries / Referer-Check Bypass
VULNERABILITY DESCRIPTION ----------- The application UniFi v3.2.10 uses JSON requests to add/edit/save/delete configuration options on the administrative web-interface, but the application has an insufficient Cross-Site Request Forgery protection in place by only checking whether the Referer...
Debian Security Advisory DSA 2753-1 (mediawiki - information leak)
It was discovered that in Mediawiki, a wiki engine, several API modules allowed anti-CSRF tokens to be accessed via JSONP. These tokens protect against cross site request forgeries and are confidential. OpenVAS Vulnerability Test $Id: deb2753.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generat...
csrf
This plugin finds Cross Site Request Forgeries csrf vulnerabilities. The simplest type of csrf is checked to be vulnerable, the web application must have sent a permanent cookie, and the aplicacion must have query string parameters. Plugin type Audit Options This plugin doesnt have any user...
Ubuntu: Security Advisory (USN-1182-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : bugzilla -- multiple serious vulnerabilities (c8c927e5-2891-11e0-8f26-00151735203a)
A Bugzilla Security Advisory reports : This advisory covers three security issues that have recently been fixed in the Bugzilla code : - A weakness in Bugzilla could allow a user to gain unauthorized access to another Bugzilla account. - A weakness in the Perl CGI.pm module allows injecting HTTP...