33 matches found
CVE-2026-8426
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepareremoteupgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...
Exploit for Missing Authentication for Critical Function in Projectsend
ProjectSend CVE-2024-11680 Exploit This is a proof-of-concept...
Unauthenticated File Upload in Gogs
Security Advisory:Unauthenticated File Upload in Gogs Vulnerability Type: Unauthenticated File Upload Date: Aug 5, 2025 Discoverer: OpenAI Security Research Summary Gogs exposes unauthenticated file upload endpoints by default. When the global RequireSigninView setting is disabled default, any...
EUVD-2017-15028
Malware in sbrugna...
EUVD-2022-5521
Malicious code in bioql PyPI...
EUVD-2023-35760
Malicious code in bioql PyPI...
CVE-2021-21407
Combodo iTop is an open source, web based IT Service Management tool. Prior to version 2.7.4, the CSRF token validation can be bypassed through iTop portal via a tricky browser procedure. The vulnerability is patched in version 2.7.4 and 3.0.0...
CVE-2023-31452
A cross-site request forgery CSRF token bypass was identified in PRTG 23.2.84.1566 and earlier versions that allows remote attackers to perform actions with the permissions of a victim user, provided the victim user has an active session and is induced to trigger the malicious request. This could...
Important: mailman
Issue Overview: Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the authentication of arbitrary users for requests that modify an option, as demonstrated by gaining access to the credentials of a victim's...
RHEL 8 : mailman:2.1 (RHSA-2021:5081)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:5081 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...
RHEL 8 : mailman:2.1 (RHSA-2021:5080)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:5080 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...
Cross-Site Request Forgery (CSRF)
mailman is vulnerable to cross-site request forgery. The vulnerability exists due to a CSRF token bypass...
CentOS 7 : mailman (RHSA-2021:4913)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4913 advisory. - Cross-site request forgery CSRF vulnerability in the user options page in GNU Mailman 2.1.x before 2.1.23 allows remote attackers to hijack the...
RHEL 8 : mailman:2.1 (RHSA-2021:4915)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:4915 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin...
RHEL 7 : mailman (RHSA-2021:4913)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:4913 advisory. Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks...
RLSA-2021:4916 Important: mailman:2.1 security update
Mailman is a program used to help manage e-mail discussion lists. Security Fixes: mailman: CSRF token bypass allows to perform CSRF attacks and admin takeover CVE-2021-44227 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
mailman:2.1 security update
An update is available for mailman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mailman is a program used to help manage e-mail discussion lists. Security...
Important: Red Hat Security Advisory: mailman:2.1 security update
An update for the mailman:2.1 module is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...
mailman:2.1 security update
An update is available for mailman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mailman is a program used to help manage e-mail discussion lists. Security...
PHP Laravel 8.70.1 Cross Site Request Forgery / Cross Site Scripting
Exploit Title: PHP Laravel 8.70.1 - Cross Site Scripting XSS to Cross Site Request Forgery CSRF Date: 14/11/2021 Exploit Author: Hosein Vita Vendor Homepage: https://laravel.com/ Software Link: https://laravel.com/docs/4.2 Version: Laravel Framework 8.70.1 Tested on: Windows/Linux Description: We...