Lucene search
K

5 matches found

Check Point Advisories
Check Point Advisories
added 2017/11/02 12:0 a.m.4 views

ZKTeco ZKTime Web Cross Site Request Forgery (CVE-2017-13129)

A Cross Site Request Forgery vulnerability exists in ZKTime Web. The vulnerability is due to lack of protections mechanisms in place to block any kind of forged requests. unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system...

6CVSS2.5AI score0.01079EPSS
Exploits4
Packet Storm
Packet Storm
added 2017/10/20 12:0 a.m.63 views

ZKTime Web Software 2.0 Cross Site Request Forgery

Exploit Title: ZKTime Web Software 2.0 - Cross Site Request Forgery CVE-ID: CVE-2017-13129 Vendor Homepage: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vendor of Product: ZKTeco Affected Product Code: ZKTime Web - 2.0.1.12280 Category: WebApps Author: Arvind V. Author Social: @FindArvind...

6CVSS7.8AI score0.01079EPSS
Exploits4
Cvelist
Cvelist
added 2017/09/26 2:0 p.m.22 views

CVE-2017-13129

Cross-site request forgery CSRF vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens...

7.8AI score0.01079EPSS
Exploits4References2
CVE
CVE
added 2017/09/26 2:0 p.m.72 views

CVE-2017-13129

CVE-2017-13129 affects ZKTime Web 2.0.1.12280 (ZKTeco) and is due to a CSRF vulnerability allowing remote authenticated users to hijack administrator actions to add admins, caused by lack of anti-CSRF tokens. Exploitation and in-the-wild details are present in connected sources; no official patch...

8CVSS7.7AI score0.01079EPSS
Exploits4References2Affected Software1
exploitpack
exploitpack
added 2017/08/18 12:0 a.m.40 views

ZKTime Web Software 2.0 - Cross-Site Request Forgery

ZKTime Web Software 2.0 - Cross-Site Request Forgery Exploit Title: ZKTime Web Software 2.0 - Cross Site Request Forgery CVE-ID: CVE-2017-13129 Vendor Homepage: https://www.zkteco.com/product/ZKTimeWeb2.0435.html Vendor of Product: ZKTeco Affected Product Code: ZKTime Web - 2.0.1.12280 Category:...

6CVSS0.4AI score0.01079EPSS
Exploits4
Rows per page
Query Builder