Lucene search
K

5 matches found

0day.today
0day.today
added 2014/06/27 12:0 a.m.49 views

Endeca Latitude 2.2.2 - CSRF Vulnerability

Exploit for multiple platform in category web applications Product: Endeca Latitude Affected Versions: 2.2.2, potentially others Fixed Versions: N/A Vulnerability Type: Cross-Site Request Forgery Security Risk: low Vendor URL: N/A Vendor Status: decided not to fix Advisory URL:...

4.3CVSS6.6AI score0.0698EPSS
Exploits4
exploitpack
exploitpack
added 2014/06/27 12:0 a.m.48 views

Endeca Latitude 2.2.2 - Cross-Site Request Forgery

Endeca Latitude 2.2.2 - Cross-Site Request Forgery Advisory: Endeca Latitude Cross-Site Request Forgery RedTeam Pentesting discovered a Cross-Site Request Forgery CSRF vulnerability in Endeca Latitude. Using this vulnerability, an attacker might be able to change several different settings of the...

4.3CVSS0.4AI score0.0698EPSS
Exploits4
Exploit DB
Exploit DB
added 2014/06/27 12:0 a.m.57 views

Endeca Latitude 2.2.2 - Cross-Site Request Forgery

Advisory: Endeca Latitude Cross-Site Request Forgery RedTeam Pentesting discovered a Cross-Site Request Forgery CSRF vulnerability in Endeca Latitude. Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely...

4.3CVSS6.4AI score0.0698EPSS
Exploits4
Packet Storm
Packet Storm
added 2014/06/25 12:0 a.m.52 views

Endeca Latitude 2.2.2 Cross Site Request Forgery

Advisory: Endeca Latitude Cross-Site Request Forgery RedTeam Pentesting discovered a Cross-Site Request Forgery CSRF vulnerability in Endeca Latitude. Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely...

4.3CVSS0.4AI score0.0698EPSS
Exploits4
CVE
CVE
added 2014/04/16 1:0 a.m.58 views

CVE-2014-2399

CVE-2014-2399 concerns Endeca Latitude (Endeca Latitude 2.2.2) Cross‑Site Request Forgery. The CSRF stems from vulnerable admin/config URLs without anti‑CSRF controls, enabling an attacker to trigger administrative actions (e.g., change settings or disable the instance) via forged requests. No fi...

4.3CVSS5.7AI score0.0698EPSS
Exploits4References6Affected Software1
Rows per page
Query Builder