Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-1596

Malware in sbrugna...

5CVSS6.1AI score0.01737EPSS
Exploits1References8
OSV
OSV
added 2024/12/16 7:11 a.m.270 views

BIT-GITLAB-2024-8647 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab

An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...

5.4CVSS5.2AI score0.00423EPSS
Exploits1References3
OSV
OSV
added 2024/12/12 12:2 p.m.4 views

CVE-2024-8647 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab

An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...

5.4CVSS6.3AI score0.00423EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/12/12 12:2 p.m.17 views

CVE-2024-8647 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab

An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...

5.4CVSS0.00423EPSS
Exploits1References2
Hacker One
Hacker One
added 2015/02/05 1:8 p.m.58 views

Enter: CSRF token leakage

Hi, I have noticed that when the account verification fails here : https://wallet.robocoin.com/verify/ due to an error, the CSRF token is being leaked via GET method like : https://wallet.robocoin.com/verify/id?csrf=b8ede20d-0c0b-4e16-9d05-6ad2ed8b72c4 So the authenticity token is being stored in...

6.8AI score
Exploits0
OSV
OSV
added 2013/10/27 12:55 a.m.14 views

CVE-2013-4302

1 ApiBlock.php, 2 ApiCreateAccount.php, 3 ApiLogin.php, 4 ApiMain.php, 5 ApiQueryDeletedrevs.php, 6 ApiTokens.php, and 7 ApiUnblock.php in includes/api/ in MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 allow remote attackers to obtain CSRF tokens and bypass the...

6.2AI score
Exploits0References10
OwnCloud
OwnCloud
added 2013/05/14 11:42 a.m.46 views

Server: CSRF token leakage

The configuration loader in ownCloud 5.0.x before 5.0.6 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive information. For more information please consult the official advisory. This advisory is licensed CC BY-SA 4.0...

5CVSS6AI score0.01799EPSS
Exploits0Affected Software1
Rows per page
Query Builder