Lucene search

5 matches found

seebug.org
added 2011/03/31 12:0 a.m., 28 views

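Symantec LiveUpdate Administrator Control Request Forgery Vulnerability

CVE ID: CVE-2011-0545 Symantec's LiveUpdate Administrator provides infrastructure support for content. Symantec LiveUpdate Administrator has a control request forgery vulnerability in its implementation; a remote attacker can exploit it to execute HTML or script code as an administrator. The vulnerability stems from the login interface failing to properly filter or validate variables in external input. After a malicious entry has been submitted to the event log of an affected system, an authorized administrator must log in to the management interface GUI and visit the event login page to trigger the vulnerability. Symantec LiveUpdate Administrator 2.2.2.9 Vendor patch: Symantec --------...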

CVSS 6.8, AI score 6.4, EPSS 0.02937
Exploits: 3
NVD
added 2011/03/28 4:55 p.m., 24 views

CVE-2011-0545

Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole...

CVSS 6.8, AI score 7.4, EPSS 0.02937
Exploits: 3, References: 10
CVE
added 2011/03/28 4:0 p.m., 56 views

CVE-2011-0545

CVE-2011-0545 describes a cross-site request forgery in Symantec LiveUpdate Administrator (LUA) prior to version 2.3. The vulnerability occurs in the adduser.do endpoint via the userRole parameter, allowing a remote attacker to hijack administrator authentication to create new administrative acco...

CVSS 6.8, AI score 7.6, EPSS 0.02937
Exploits: 3, References: 10, Affected Software: 1
securityvulns
added 2011/03/23 12:0 a.m., 259 views

NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability


CVSS 6.8, AI score 6.7, EPSS 0.02937
Exploits: 3
Symantec
added 2011/03/21 8:0 a.m., 46 views

Symantec LiveUpdate Administrator Cross-Site Request Forgery

SUMMARY
Symantec's LiveUpdate Administrator (LUA) is susceptible to a cross-site request forgery vulnerability which could result in the execution of HTML or script code in the context of the admin's browser.

AFFECTED PRODUCTS
Product | Version | Solution
---|---|---
Symantec LiveUpdate Administrator...

CVSS 6.8, AI score 0.1, EPSS 0.02937
Exploits: 3, Affected Software: 1