Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-5877

Malware in sbrugna...

4.3CVSS4.9AI score0.015EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9520

Malware in sbrugna...

4.9CVSS4AI score0.00444EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-5876

Malware in sbrugna...

5.5CVSS4.9AI score0.015EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 10:32 a.m.9 views

CVE-2019-14730

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account...

4.3CVSS6.8AI score0.015EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:27 a.m.6 views

CVE-2019-14729

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account...

5.5CVSS6.8AI score0.015EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/01/19 12:0 a.m.4 views

PT-2023-6844 · Modoboa · Modoboa

Name of the Vulnerable Software and Affected Versions: modoboa/modoboa versions prior to 2.0.4 Description: The issue is related to Cross-Site Request Forgery CSRF in the modoboa/modoboa GitHub repository. This can allow a remote attacker to impact the integrity and availability of protected...

7.8CVSS5.6AI score0.00348EPSS
Exploits1References13
Huntr
Huntr
added 2023/01/14 1:45 p.m.21 views

CSRF leading to delete a domain

Description GET /admin/domains/id/delete/ page is vulnerable to a CSRF attack. Proof of Concept 1. Login as admin. 2. Create a domain to be deleted. E.g. the domain ID is 4. 3. Open the following file in the browser. html history.pushState'', '', '/' document.forms0.submit;...

4.3CVSS6.2AI score0.00348EPSS
Exploits1
OSV
OSV
added 2022/11/01 1:15 p.m.1 views

UBUNTU-CVE-2022-42320

Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. When a domain is gone, there might be Xenstore nodes left with access rights containing the domid of the removed domain. This is normally no problem, as those access right entries...

7CVSS7AI score0.0027EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/10/11 10:45 a.m.31 views

CVE-2021-24711 Software License Manager < 4.5.1 - Arbitrary Domain Deletion via CSRF

The delreistereddomains AJAX action of the Software License Manager WordPress plugin before 4.5.1 does not have any CSRF checks, and is vulnerable to a CSRF attack...

8.9AI score0.00667EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2021/09/13 12:0 a.m.17 views

Software License Manager < 4.5.1 - Arbitrary Domain Deletion via CSRF

The delreistereddomains AJAX action of the plugin does not have any CSRF checks, and is vulnerable to a CSRF attack PoC https://example.com/wp-admin/admin-ajax.php?action=delreistereddomain=1...

8.8CVSS1.9AI score0.00667EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2021/09/13 12:0 a.m.710 views

Software License Manager < 4.5.1 - Arbitrary Domain Deletion via CSRF

The delreistereddomains AJAX action of the plugin does not have any CSRF checks, and is vulnerable to a CSRF attack https://example.com/wp-admin/admin-ajax.php?action=delreistereddomain&id=1...

8.8CVSS3.5AI score0.00667EPSS
Exploits2References1
OSV
OSV
added 2019/09/10 4:15 p.m.4 views

CVE-2019-14730

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account...

4.3CVSS5.8AI score0.015EPSS
Exploits1References3
Prion
Prion
added 2019/09/10 4:15 p.m.20 views

Design/Logic Flaw

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account...

4CVSS4.6AI score0.015EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/09/10 3:23 p.m.27 views

CVE-2019-14730

In CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account...

4.6AI score0.015EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2019/09/10 12:0 a.m.7 views

PT-2019-4390 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.851 Description: The issue exists due to insufficient input validation in the application, allowing a remote attacker to delete a sub-domain from a user's account. This can be achieved by an attacker using their...

5.5CVSS4.6AI score0.015EPSS
Exploits1References7
Prion
Prion
added 2019/08/02 2:15 p.m.17 views

Code injection

cPanel before 68.0.15 allows domain data to be deleted for domains with the .lock TLD SEC-341...

4.9CVSS4.2AI score0.00444EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/08/02 1:12 p.m.48 views

CVE-2017-18404

CVE-2017-18404 affects cPanel prior to 68.0.15. The vulnerability allows deletion of domain data for domains with the .lock TLD. Root cause details are not fully specified in the provided documents, but multiple sources (NVD, Red Hat, CNVD, CVE listings) corroborate the issue. There is no explici...

4.9CVSS4.2AI score0.00444EPSS
Exploits0References2Affected Software1
exploitpack
exploitpack
added 2017/05/15 12:0 a.m.30 views

Mailcow 0.14 - Cross-Site Request Forgery

Mailcow 0.14 - Cross-Site Request Forgery + Credits: John Page a.k.a hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MAILCOW-v0.14-CSRF-PASSWORD-RESET-ADD-ADMIN.txt + ISR: ApparitionSec Vendor: ============= mailcow.email mailcow.github.io Produc...

6.8CVSS0.4AI score0.02049EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2013/07/24 12:0 a.m.31 views

Virtualizor < 2.3.2 PDNS Domain Deletion Security Bypass

According to its version number, the Virtualizor install hosted on the remote web server is earlier than 2.3.2 and therefore affected by a security bypass vulnerability. Due to an unspecified flaw, an attacker may be able to delete arbitrary PDNS domains that their user account does not have acce...

5.9AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/06/21 12:0 a.m.18 views

Virtualizor < 2.3.2 PDNS Domain Deletion Security Bypass

Binary data 6947.prm...

7.3AI score
Exploits0References1
Rows per page
Query Builder