Lucene search
K

5 matches found

CVE
CVE
added 2015/11/02 7:0 p.m.62 views

CVE-2015-5534

CVE-2015-5534 affects Oxwall before 1.8. The vulnerability is a Cross-Site Request Forgery (CSRF) in the admin maintenance workflow: requests with maintenance_enable or maintenance_text parameters can be crafted by an attacker to hijack an administrator’s session and perform actions on the admin/...

6.8CVSS6.6AI score0.02328EPSS
Exploits5References4Affected Software1
exploitpack
exploitpack
added 2015/10/30 12:0 a.m.49 views

Oxwall 1.7.4 - Cross-Site Request Forgery

Oxwall 1.7.4 - Cross-Site Request Forgery Advisory ID: HTB23266 Product: Oxwall Vendor: http://www.oxwall.org Vulnerable Versions: 1.7.4 and probably prior Tested Version: 1.7.4 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Vendor Patch: September ...

6.8CVSS0.8AI score0.02328EPSS
Exploits5
0day.today
0day.today
added 2015/10/30 12:0 a.m.55 views

Oxwall 1.7.4 - CSRF Vulnerability

Exploit for php platform in category web applications Product: Oxwall Vendor: http://www.oxwall.org Vulnerable Versions: 1.7.4 and probably prior Tested Version: 1.7.4 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Vendor Patch: September 8, 2015...

6.8CVSS0.3AI score0.02328EPSS
Exploits5
Exploit DB
Exploit DB
added 2015/10/30 12:0 a.m.58 views

Oxwall 1.7.4 - Cross-Site Request Forgery

Advisory ID: HTB23266 Product: Oxwall Vendor: http://www.oxwall.org Vulnerable Versions: 1.7.4 and probably prior Tested Version: 1.7.4 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Vendor Patch: September 8, 2015 Public Disclosure: October 22, 201...

6.8CVSS6.6AI score0.02328EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/10/29 12:0 a.m.67 views

Oxwall 1.7.4 Cross Site Request Forgery

Advisory ID: HTB23266 Product: Oxwall Vendor: http://www.oxwall.org Vulnerable Versions: 1.7.4 and probably prior Tested Version: 1.7.4 Advisory Publication: July 1, 2015 without technical details Vendor Notification: July 1, 2015 Vendor Patch: September 8, 2015 Public Disclosure: October 22, 201...

6.8CVSS0.7AI score0.02328EPSS
Exploits5
Rows per page
Query Builder