6 matches found
Observation of Response Discrepancy to Enumerate Users
Overview Umbraco.Cms.Infrastructure is an infrastructure assembly needed to run Umbraco CMS. Affected versions of this package are vulnerable to Observation of Response Discrepancy to Enumerate Users due to the handling of the native login screen. An attacker with access to the native login scree...
CVE-2024-28868
Umbraco is an ASP.NET content management system. Umbraco 10 prior to 10.8.4 with access to the native login screen is vulnerable to a possible user enumeration attack. This issue was fixed in version 10.8.5. As a workaround, one may disable the native login screen by exclusively using external...
CVE-2024-28868 Umbraco possible user enumeration vulnerability
Umbraco is an ASP.NET content management system. Umbraco 10 prior to 10.8.4 with access to the native login screen is vulnerable to a possible user enumeration attack. This issue was fixed in version 10.8.5. As a workaround, one may disable the native login screen by exclusively using external...
CVE-2011-0886
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the SMC SMCD3G-CCR aka Comcast Business Gateway with firmware before 1.4.0.49.2 allow remote attackers to 1 hijack the intranet connectivity of arbitrary users for requests that perform a login via goform/login, or...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the SMC SMCD3G-CCR aka Comcast Business Gateway with firmware before 1.4.0.49.2 allow remote attackers to 1 hijack the intranet connectivity of arbitrary users for requests that perform a login via goform/login, or...
CVE-2011-0886
Multiple cross-site request forgery CSRF vulnerabilities in the web interface on the SMC SMCD3G-CCR aka Comcast Business Gateway with firmware before 1.4.0.49.2 allow remote attackers to 1 hijack the intranet connectivity of arbitrary users for requests that perform a login via goform/login, or...