Lucene search

774 matches found

UbuntuCve
added 2008/09/25 7:25 p.m. | 30 views

CVE-2008-4242

ProFTPD 1.3.1 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web...

CVSS 6.8 | AI score 6.1 | EPSS 0.07066
Exploits: 1 | References: 1
Prion
added 2008/09/04 5:41 p.m. | 13 views

Cross site request forgery (csrf)

The administration application in Django 0.91, 0.95, and 0.96 stores unauthenticated HTTP POST requests and processes them after successful authentication occurs, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and delete or modify data via unspecified requests...

CVSS 5.8 | AI score 7.2 | EPSS 0.00931
Exploits: 0 | References: 10 | Affected Software: 1
FreeBSD
added 2008/06/14 12:0 a.m. | 40 views

apache -- multiple vulnerabilities

Apache HTTP server project reports: The following potential security flaws are addressed: CVE-2008-2364: mod_proxy_http: Better handling of excessive interim responses from origin server to prevent potential denial of service and high memory usage. Reported by Ryujiro Shibuya. CVE-2007-6420:...

CVSS 5 | AI score 6.5 | EPSS 0.12714
Exploits: 3 | References: 1
Cvelist
added 2008/06/09 11:0 p.m. | 26 views

CVE-2008-1106

The management interface in Akamai Client (formerly Red Swoosh) 3322 and earlier allows remote attackers to bypass authentication via an HTTP request that contains (1) no Referer header, or (2) a spoofed Referer header that matches an approved domain, which allows remote attackers to conduct cross-site...

AI score 7.6 | EPSS 0.00773
Exploits: 1 | References: 8
Debian
added 2008/04/24 9:2 p.m. | 41 views

[SECURITY] [DSA 1534-2] New iceape packages fix regression

------------------------------------------------------------------------ Debian Security Advisory DSA-1534-2 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 24, 2008 http://www.debian.org/security/faq -...

CVSS 9.3 | AI score 7.6 | EPSS 0.06055
Exploits: 4
OpenVAS
added 2008/04/21 12:0 a.m. | 11 views

Debian: Security Advisory (DSA-1553-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 4.3 | AI score 6.5 | EPSS 0.00637
Exploits: 0 | References: 2
Cvelist
added 2008/04/02 6:0 p.m. | 22 views

CVE-2008-1654

Interaction error between Adobe Flash and multiple Universal Plug and Play (UPnP) services allow remote attackers to perform Cross-Site Request Forgery (CSRF) style attacks by using the Flash navigateToURL function to send a SOAP message to a UPnP control point, as demonstrated by changing the primar...

AI score 6.7 | EPSS 0.04796
Exploits: 1 | References: 22
securityvulns
added 2008/03/04 12:0 a.m. | 46 views

Airscanner Mobile Security Advisory #07122001: Eye-Fi Multiple Vulnerabilities

Airscanner Mobile Security Advisory 07122001: Eye-Fi Solution Multiple Vulnerabilities Product: Eye-Fi 1.1.2 Platform: NA Requirements: NA Credits: Seth Fogie Airscanner Mobile Security http://www.airscanner.com December 20, 2007 Risk Level: Medium - Spoofed image injection, redirection of upload...

AI score 0.7
Exploits: 0
Tenable Nessus
added 2007/12/13 12:0 a.m. | 44 views

SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 2545)

The Adobe Acrobat Reader Japanese version has been updated to version 7.0.9. This update also includes following security fixes : - A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. (CVE-2006-5857) - Universal cross-site request forgery (CSRF)...

CVSS 9.3 | AI score 8.5 | EPSS 0.55677
Exploits: 4 | References: 8
securityvulns
added 2007/06/27 12:0 a.m. | 67 views

Calyptix Security Advisory CX-2007-04 - Cross-Site Request Forgery Attack Against Check Point Safe@Office Device

Calyptix Security Advisory CX-2007-04 Cross-Site Request Forgery Attack Against Check Point Safe@Office Device Date: 06/26/2007 http://www.calyptix.com/ http://labs.calyptix.com/CX-2007-04.php http://labs.calyptix.com/CX-2007-04.txt Overview Multiple versions of Check Point's Safe@Office UTM devi...

AI score 7.5
Exploits: 0
NVD
added 2007/03/20 8:19 p.m. | 21 views

CVE-2007-1520

The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks...

CVSS 6.8 | AI score 6.8 | EPSS 0.00779
Exploits: 1 | References: 8
Prion
added 2007/03/20 8:19 p.m. | 17 views

Cross site request forgery (csrf)

The cross-site request forgery (CSRF) protection in PHP-Nuke 8.0 and earlier does not ensure the SERVER superglobal is an array before validating the HTTP_REFERER, which allows remote attackers to conduct CSRF attacks...

CVSS 6.8 | AI score 7.4 | EPSS 0.00779
Exploits: 1 | References: 8 | Affected Software: 1
securityvulns
added 2006/10/19 12:0 a.m. | 37 views

Rapid7 Advisory R7-0026: HTTP Header Injection Vulnerabilities in the Flash Player Plugin

Rapid7 Advisory R7-0026 HTTP Header Injection Vulnerabilities in the Flash Player Plugin Published: Oct 17, 2006 Revision: 1.0 http://www.rapid7.com/advisories/R7-0026.jsp 1. Affected Systems: KNOWN VULNERABLE: o Flash Player plugin 9.0.16 for Windows o Flash Player plugin 7.0.63 for Linux PROBAB...

AI score 6.6
Exploits: 0
Packet Storm
added 2006/02/06 12:0 a.m. | 44 views

phpBB2.0.19.txt

Original Source: http://securityreason.com/achievementsecurityalert/31 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin Author: Maksymilian Arciemowicz cXIb8O3 Date: 3.2.2006 from SecurityReason.Com CVE-2006-0437 for the XSS issues CVE-2006-0438...

CVSS 5 | AI score 6.6 | EPSS 0.02485
Exploits: 3