Lucene search
K

4 matches found

exploitpack
exploitpack
added 2018/01/28 12:0 a.m.37 views

Nexpose 6.4.66 - Cross-Site Request Forgery

Nexpose 6.4.66 - Cross-Site Request Forgery Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Release Date: 2017-12-13 Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link:...

6.8CVSS0.4AI score0.02746EPSS
Exploits4
0day.today
0day.today
added 2018/01/28 12:0 a.m.52 views

Nexpose < 6.4.66 - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link:...

6.8CVSS8.7AI score0.02746EPSS
Exploits4
Exploit DB
Exploit DB
added 2018/01/28 12:0 a.m.73 views

Nexpose &lt; 6.4.66 - Cross-Site Request Forgery

Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Release Date: 2017-12-13 Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link: https://www.rapid7.com/products/nexpose/download/ Tested on:...

8.8CVSS9AI score0.02746EPSS
Exploits4
CVE
CVE
added 2017/12/14 9:0 p.m.65 views

CVE-2017-5264

CVE-2017-5264 affects Nexpose prior to 6.4.66, where the Automated Actions web application fails to validate the HTTP request source, enabling CSRF. Affected versions include 6.4.65 and older branches listed in public advisories; impact is cross-site request forgery affecting authenticated users....

8.8CVSS8.8AI score0.02746EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder