Lucene search
K

33 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.11 views

CVE-2026-8426

Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepareremoteupgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...

8.8CVSS6.3AI score0.00171EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/03/31 12:10 p.m.190 views

Exploit for Missing Authentication for Critical Function in Projectsend

ProjectSend CVE-2024-11680 Exploit This is a proof-of-concept...

9.8CVSS7.9AI score0.91559EPSS
Exploits4
Github Security Blog
Github Security Blog
added 2026/02/17 6:44 p.m.6 views

Unauthenticated File Upload in Gogs

Security Advisory:Unauthenticated File Upload in Gogs Vulnerability Type: Unauthenticated File Upload Date: Aug 5, 2025 Discoverer: OpenAI Security Research Summary Gogs exposes unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any...

9.8CVSS5.6AI score0.00618EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-15028

Malware in sbrugna...

9.8CVSS9.5AI score0.00608EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2022-5521

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.09212EPSS
Exploits0References52
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35760

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00506EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 6:19 p.m.8 views

CVE-2021-21407

Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnerability is patched in version 2.7.4 and 3.0.0...

8CVSS6.8AI score0.00461EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/09 12:0 a.m.16 views

CVE-2023-31452

A cross-site request forgery CSRF token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This could...

7.3AI score0.00506EPSS
Exploits0References3
Amazon
Amazon
added 2022/01/20 12:0 a.m.45 views

Important: mailman

Issue Overview: Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's...

8.8CVSS8.2AI score0.01613EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/12/13 12:0 a.m.26 views

RHEL 8 : mailman:2.1 (RHSA-2021:5081)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:5081 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...

8.8CVSS7.9AI score0.0073EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/12/13 12:0 a.m.26 views

RHEL 8 : mailman:2.1 (RHSA-2021:5080)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:5080 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...

8.8CVSS7.9AI score0.0073EPSS
Exploits0References4
Veracode
Veracode
added 2021/12/10 12:41 a.m.26 views

Cross-Site Request Forgery (CSRF)

mailman is vulnerable to cross-site request forgery. The vulnerability exists due to a CSRF token bypass...

8.8CVSS3.5AI score0.0073EPSS
Exploits0References5Affected Software2
Tenable Nessus
Tenable Nessus
added 2021/12/06 12:0 a.m.46 views

CentOS 7 : mailman (RHSA-2021:4913)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4913 advisory. - Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the...

8.8CVSS7.5AI score0.01613EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/12/03 12:0 a.m.33 views

RHEL 8 : mailman:2.1 (RHSA-2021:4915)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4915 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...

8.8CVSS7.9AI score0.0073EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2021/12/03 12:0 a.m.37 views

RHEL 7 : mailman (RHSA-2021:4913)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4913 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...

8.8CVSS7.4AI score0.01613EPSS
Exploits0References8
OSV
OSV
added 2021/12/02 3:57 p.m.40 views

RLSA-2021:4916 Important: mailman:2.1 security update

Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover CVE-2021-44227 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

8CVSS8.7AI score0.0073EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2021/12/02 3:57 p.m.32 views

mailman:2.1 security update

An update is available for mailman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mailman is a program used to help manage e-mail discussion lists. Security...

8.8CVSS1.1AI score0.0073EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2021/11/24 8:34 a.m.48 views

Important: Red Hat Security Advisory: mailman:2.1 security update

An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

8.5CVSS6.7AI score0.01289EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2021/11/23 8:17 p.m.35 views

mailman:2.1 security update

An update is available for mailman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mailman is a program used to help manage e-mail discussion lists. Security...

8.5CVSS1.8AI score0.01289EPSS
Exploits0
Packet Storm
Packet Storm
added 2021/11/15 12:0 a.m.297 views

PHP Laravel 8.70.1 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: PHP Laravel 8.70.1 - Cross Site Scripting XSS to Cross Site Request Forgery CSRF Date: 14/11/2021 Exploit Author: Hosein Vita Vendor Homepage: https://laravel.com/ Software Link: https://laravel.com/docs/4.2 Version: Laravel Framework 8.70.1 Tested on: Windows/Linux Description: We...

7.1AI score
Exploits0
Rows per page
Query Builder