Lucene search
K

5 matches found

Vulnerability Lab
Vulnerability Lab
added 2015/07/22 12:0 a.m.21 views

ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability

Document Title: =============== ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1555 Release Date: ============= 2015-07-22 Vulnerability Laboratory ID VL-ID: ==================================== 1555...

7.4AI score
Exploits0
NVD
NVD
added 2015/06/15 2:59 p.m.12 views

CVE-2015-4364

Multiple cross-site request forgery CSRF vulnerabilities in includes/campaignmonitorlists.admin.inc in the Campaign Monitor module 7.x-1.0 for Drupal allow remote attackers to hijack the authentication of users for requests that 1 enable list subscriptions via a request to...

6.8CVSS7.2AI score0.00656EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/06/15 2:0 p.m.21 views

CVE-2015-4364

Multiple cross-site request forgery CSRF vulnerabilities in includes/campaignmonitorlists.admin.inc in the Campaign Monitor module 7.x-1.0 for Drupal allow remote attackers to hijack the authentication of users for requests that 1 enable list subscriptions via a request to...

7.2AI score0.00656EPSS
Exploits0References5
CVE
CVE
added 2015/06/15 2:0 p.m.39 views

CVE-2015-4364

CVE-2015-4364 covers CSRF flaws in the Drupal Campaign Monitor module (7.x-1.0)—specifically in includes/campaignmonitor_lists.admin.inc—that allow remote attackers to hijack a user’s authentication to enable or disable list subscriptions via URLs like /admin/config/services/campaignmonitor/lists...

6.8CVSS7.4AI score0.00656EPSS
Exploits0References5Affected Software1
Drupal
Drupal
added 2015/03/04 12:0 a.m.21 views

SA-CONTRIB-2015-068 - Campaign Monitor - Cross Site Request Forgery (CSRF)

Campaign Monitor module integrates the Campaign Monitor API into Drupal. The module doesn't sufficiently protect some URLs against CSRF. A malicious user can cause another user to enable and disable list subscriptions by getting their browser to make a request to a specially-crafted URL. CVE...

6.8CVSS6.3AI score0.00656EPSS
Exploits0References10
Rows per page
Query Builder