10 matches found
EUVD-2018-18356
Malware in sbrugna...
CVE-2010-2280
Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "mobile edit actions," aka SPR ASRE83PPVH...
Sourcegraph security vulnerability
Sourcegraph is an open source code search and navigation tool from Sourcegraph, Inc. engine is an OpenSSL reference implementation of the GOST encryption algorithm. A security vulnerability exists in Sourcegraph versions prior to 3.42, which stems from the ability of an authenticated Sourcegraph...
PT-2014-7820 · WordPress · Wp Google Maps
Name of the Vulnerable Software and Affected Versions: WP Google Maps plugin versions prior to 6.0.27 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the poly id parameter in an edit poly, edit polyline, or edit marker action in the "wp-google-maps-menu"...
Open redirect
Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "mobile edit actions," aka SPR ASRE83PPVH...
CVE-2007-6723
TorK before 0.22, when running on Windows and Mac OS X, installs Privoxy with a configuration file (config.txt or config) that contains insecure (1) enable-remote-toggle and (2) enable-edit-actions settings, which allows remote attackers to bypass intended access restrictions and modify configuration...
CVE-2008-4448
Cross-site request forgery (CSRF) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the (1) overkill, (2) futils, or (3) edit actions...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the (1) overkill, (2) futils, or (3) edit actions...
CVE-2008-4448
Cross-site request forgery (CSRF) vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to perform unauthorized actions as an administrator, including file deletion and creation, via a link or IMG tag to the (1) overkill, (2) futils, or (3) edit actions...
CVE-2008-3080
Cross-site request forgery (CSRF) vulnerability in admin.php in myWebland myBloggie 2.1.6 allows remote attackers to perform edit actions as administrators. NOTE: this can be leveraged to execute SQL commands by also exploiting CVE-2007-1899...