14 matches found

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2024-1234

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00112
Exploits: 1 | References: 3

NVD
added 2024/04/01 7:15 p.m. | 9 views

CVE-2024-3135

A Cross-Site Request Forgery (CSRF) vulnerability exists in the mudler/localai application, allowing attackers to craft malicious webpages that, when visited by a victim, perform unauthorized actions on the victim's local LocalAI instance without their consent. This vulnerability enables attackers ...

CVSS 6.5 | AI score 6.5 | EPSS 0.00112
Exploits: 1 | References: 1

OSV
added 2024/04/01 7:15 p.m. | 1 view

CVE-2024-3135

A Cross-Site Request Forgery (CSRF) vulnerability exists in the mudler/localai application, allowing attackers to craft malicious webpages that, when visited by a victim, perform unauthorized actions on the victim's local LocalAI instance without their consent. This vulnerability enables attackers ...

CVSS 6.5 | AI score 7.1
Exploits: 0 | References: 1

Cvelist
added 2024/04/01 6:45 p.m. | 13 views

CVE-2024-3135 Cross-Site Request Forgery (CSRF) Vulnerability in mudler/localai

A Cross-Site Request Forgery (CSRF) vulnerability exists in the mudler/localai application, allowing attackers to craft malicious webpages that, when visited by a victim, perform unauthorized actions on the victim's local LocalAI instance without their consent. This vulnerability enables attackers ...

CVSS 6.5 | AI score 6.6 | EPSS 0.00112
Exploits: 1 | References: 1

Openbugbounty
added 2020/11/01 6:9 p.m. | 7 views

cangvuhanghaicantho.gov.vn Cross Site Scripting vulnerability OBB-1475043

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...

Exploits: 0

NVD
added 2020/09/18 2:15 p.m. | 12 views

CVE-2020-15771

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1. Cross-site transmission of cookie containing CSRF token allows remote attacker to bypass CSRF mitigation...

CVSS 7.5 | EPSS 0.00107
Exploits: 0 | References: 2

OSV
added 2020/09/18 2:15 p.m. | 13 views

CVE-2020-15771

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1. Cross-site transmission of cookie containing CSRF token allows remote attacker to bypass CSRF mitigation...

CVSS 7.5 | AI score 7 | EPSS 0.00107
Exploits: 0 | References: 2

CVE
added 2017/08/06 3:0 a.m. | 49 views

CVE-2017-12584

Summary: CVE-2017-12584 affects SLiMS 8 Akasia (8.3.1 and earlier). The vulnerability stems from no CSRF mitigation and a flaw in admin/modules/system/app_user.php that allows changing a user’s password and profile via passwd1/passwd2 during a changecurrent=true operation without requiring the cu...

CVSS 8.8 | AI score 8.6 | EPSS 0.00177
Exploits: 1 | References: 1 | Affected Software: 1

exploitpack
added 2017/02/22 12:0 a.m. | 38 views

D-Link DCS Series Cameras - Insecure Crossdomain

D-Link DCS Series Cameras - Insecure Crossdomain Exploit Title: Insecure CrossDomain.XML in D-Link DCS Series Cameras Date: 22/02/2017 Exploit Author: SlidingWindow , Twitter: @KapilKhot Vendor Homepage: http://us.dlink.com/product-category/home-solutions/view/network-cameras/ Version: Tested on...

CVSS 6.8 | AI score 0.4 | EPSS 0.00498
Exploits: 5

exploitpack
added 2016/02/02 12:0 a.m. | 13 views

Manage Engine Network Configuration Manager Build 11000 - Cross-Site Request Forgery

Manage Engine Network Configuration Manager Build 11000 - Cross-Site Request Forgery. Cross-Site Request Forgery Vulnerability in ManageEngine Network Configuration Management...

Exploits: 0

Packet Storm
added 2015/08/06 12:0 a.m. | 20 views

WordPress 3.8.1 / 3.8.2 / 4.2.2 Cross Site Request Forgery

Details: Software: WordPress; Version: 3.8.1,3.8.2,4.2.2; Homepage: http://wordpress.org/; Advisory report: https://security.dxw.com/advisories/comment-form-csrf-allows-admin-impersonation-via-comments-in-wordpress-4-2-2/; CVE: Awaiting assignment; CVSS: 4.3 Medium;...

AI score 0.1
Exploits: 0

securityvulns
added 2014/11/03 12:0 a.m. | 76 views

Elastix Multiple vulnerabilities (Remote Command Execution, XSS, CSRF)

Title: Elastix Multiple vulnerabilities (Remote Command Execution, XSS, CSRF) Author: Simo Ben youssef Contact: SimoatMorxploitcom Discovered: September 1 2014 Published: October 17 2014 MorXploit Research http://www.MorXploit.com Software: Elastix Version: Elastix 2.4.0 Stable Vendor url:...

AI score 0.4
Exploits: 0

CVE
added 2012/09/05 11:0 p.m. | 48 views

CVE-2012-4753

CVE-2012-4753 affects ownCloud prior to 4.0.5. The issue is multiple CSRF vulnerabilities that allow remote attackers to hijack user sessions by exploiting authenticated state via unknown vectors. Root cause: CSRF weaknesses in the application before version 4.0.5. Impact: credential/session take...

CVSS 6.8 | AI score 7.4 | EPSS 0.00157
Exploits: 0 | References: 1 | Affected Software: 2

Packet Storm
added 2011/05/27 12:0 a.m. | 53 views

Apache Archiva 1.3.4 Cross Site Request Forgery

CVE-2011-1026: Apache Archiva Multiple CSRF vulnerability Severity: High Vendor: The Apache Software Foundation Versions Affected: Archiva 1.3.0 - 1.3.4 The unsupported versions Archiva 1.0 - 1.2.2 are also affected. Description: An attacker can build a simple html page containing a hidden Image...

CVSS 6.8 | AI score 0.3 | EPSS 0.00804
Exploits: 4