14 matches found
CSRF Protection Bypass in Ruby on Rails
Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that...
Fedora Update for audacious-plugins FEDORA-2011-12350
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Debian Security Advisory DSA 2163-2 (dajaxice)
The remote host is missing an update to dajaxice announced via advisory DSA 2163-2. OpenVAS Vulnerability Test $Id: deb21632.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2163-2 dajaxice Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
[SECURITY] [DSA 2163-2] dajaxice regression fix
------------------------------------------------------------------------- Debian Security Advisory DSA-2163-2 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 1, 2011 http://www.debian.org/security/faq -...
Fedora Update for Django FEDORA-2011-1235
Check for the Version of Django OpenVAS Vulnerability Test Fedora Update for Django FEDORA-2011-1235 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...
Fedora Update for Django FEDORA-2011-1235
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for Django FEDORA-2011-1261
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora 14 : Django-1.2.5-1.fc14 (2011-1235)
Fix for CVE-2011-0696 and CVE-2011-0697. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora 13 : Django-1.2.5-1.fc13 (2011-1261)
Fix for CVE-2011-0696 and CVE-2011-0697. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Ubuntu Update for python-django vulnerabilities USN-1066-1
Ubuntu Update for Linux kernel vulnerabilities USN-1066-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10661.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for python-django vulnerabilities USN-1066-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH,...
CVE-2011-0696
Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a "combination of browser plugins...
Cross site request forgery (csrf)
Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that...
CVE-2011-0696
Technical details about CVE-2011-0696 are not publicly provided in the supplied documents; no affected products, versions, exploits, or fixes are stated here. Monitor for updates.
CVE-2011-0696
Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a "combination of browser plugins...