7 matches found

CNVD
added 2015/05/03 12:0 a.m. | 3 views

Dell SonicWALL Secure Remote Access Cross-Site Request Forgery Vulnerability

Dell SonicWALL Secure Remote Access is a remote security access solution. A cross-site request forgery vulnerability exists in the Dell SonicWALL Secure Remote Access user portal, which allows remote attackers to construct a special cgi-bin/editBookmark request that hijacks an authenticated user...

CVSS 6.8 | AI score 6.8 | EPSS 0.02685
Exploits 2 | References 1
Prion
added 2015/05/01 3:59 p.m. | 9 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request...

CVSS 6.8 | AI score 7.7 | EPSS 0.02685
Exploits 2 | References 6 | Affected Software 1
CVE
added 2015/05/01 3:0 p.m. | 39 views

CVE-2015-2248

Dell SonicWALL Secure Remote Access (SRA) appliances are affected by CVE-2015-2248 (CSRF in the user portal) affecting firmware prior to 7.5.1.0-38sv and 8.x prior to 8.0.0.1-16sv. The vulnerability enables an attacker to hijack a logged-in user’s authentication to create bookmarks via a crafted ...

CVSS 6.8 | AI score 7.4 | EPSS 0.02685
Exploits 2 | References 6 | Affected Software 1
Prion
added 2011/10/08 10:55 a.m. | 10 views

Sql injection

SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to execute arbitrary SQL commands via the BookmarkID parameter in an EditBookmark action...

CVSS 7.5 | AI score 9.1 | EPSS 0.01219
Exploits 1 | References 6 | Affected Software 1
CVE
added 2011/10/08 10:0 a.m. | 34 views

CVE-2010-4915

CVE-2010-4915 affects ColdGen ColdBookmarks 1.22, with a vulnerability in the index.cfm function where the BookmarkID parameter in an EditBookmark action enables SQL injection, allowing remote attackers to execute arbitrary SQL commands. The issue is tied to improper handling of the BookmarkID in...

CVSS 7.5 | AI score 8.7 | EPSS 0.01219
Exploits 1 | References 6 | Affected Software 1
Packet Storm
added 2010/09/08 12:0 a.m. | 26 views

ColdBookmarks 1.22 SQL Injection

ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC http://target/path/index.cfm?fuseaction=EditBookmark&BookmarkID=SQLi&CFID=XXXXXX&CFTOKEN=XXXXXXXX...

AI score 0.3
Exploits 0
exploitpack
added 2010/09/07 12:0 a.m. | 10 views

ColdBookmarks 1.22 - SQL Injection

ColdBookmarks 1.22 - SQL Injection ColdGen - coldbookmarks v1.22 Remote 0day SQL Injection vulnerability Vendor: http://www.coldgen.com/ Found by: mrme net-ninja.net PoC http://target/path/index.cfm?fuseaction=EditBookmark&BookmarkID=SQLi&CFID=XXXXXX&CFTOKEN=XXXXXXXX...

AI score 0.3
Exploits 0