Lucene search
+L

4 matches found

CNVD
CNVD
added 2022/02/16 12:0 a.m.20 views

Backdrop CMS Cross-Site Request Forgery Vulnerability

Backdrop CMS is an open source content management system CMS. A cross-site request forgery vulnerability exists in Backdrop CMS, which stems from obtaining remote code execution RCE on a hosted web server by uploading a malicious add-on with a crafted PHP file. No details of the vulnerability are...

8.8CVSS1.8AI score0.01821EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/02/03 10:15 p.m.2 views

CVE-2021-45268

A Cross Site Request Forgery CSRF vulnerability exists in Backdrop CMS 1.20, which allows Remote Attackers to gain Remote Code Execution RCE on the Hosting Webserver via uploading a maliciously add-on with crafted PHP file. NOTE: the vendor disputes this because the attack requires a session cook...

8.8CVSS6.1AI score0.01821EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/02/03 12:0 a.m.6 views

Backdrop CMS 跨站请求伪造漏洞

Backdrop CMS is an open source content management system CMS. A cross-site request forgery vulnerability exists in Backdrop CMS, which stems from obtaining remote code execution RCE on a hosted web server by uploading a malicious add-on with a crafted PHP file. No details of the vulnerability are...

8.8CVSS6.3AI score0.01821EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2017/10/30 2:17 p.m.12 views

Google to Ditch Public Key Pinning in Chrome

Google said that in an upcoming version of Chrome it will deprecate the browser’s support for HTTP public key pinning. Instead, it will adopt the “safer” more flexible solution of Expect-CT headers. HTTP public key pinning HPKP is a browser security measure that protects against an SSL certificat...

6.9AI score
Exploits0References4
Rows per page
Query Builder