
96 matches found

Positive Technologies
added 2020/07/15 12:00 a.m. · 5 views

PT-2020-14590 · Open Source Matters · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 3.9.19 and earlier. Description: A missing token check in the remove request section of com_privacy causes a CSRF issue. Recommendations: For versions 3.9.19 and earlier, update to a version that includes the fix for the missi...

CVSS 6.8 · AI score 7.3 · EPSS 0.00594
Exploits 0 · References 6

CNVD
added 2020/06/03 12:00 a.m. · 3 views

Joomla! cross-site request forgery vulnerability (CNVD-2020-41803)

Joomla! is an open source, cross-platform content management system (CMS) developed with PHP and MySQL by the U.S.-based Open Source Matters team. A security vulnerability exists in Joomla! versions prior to 3.9.19, which stems from a missing token check in com_postinstall. The vulnerability can...

CVSS 8.8 · AI score 6.7 · EPSS 0.00677
Exploits 0 · References 1

Prion
added 2020/06/02 8:15 p.m. · 20 views

Cross-site request forgery (CSRF)

In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF...

CVSS 6.8 · AI score 8.6 · EPSS 0.00677
Exploits 0 · References 1 · Affected Software 1

OSV
added 2020/05/18 2:15 p.m. · 3 views

CVE-2020-12257

rConfig 3.9.4 is vulnerable to cross-site request forgery (CSRF) because it lacks implementation of CSRF protection such as a CSRF token. An attacker can leverage this vulnerability by creating a form (add a user, delete a user, or edit a user...

CVSS 8.8 · AI score 7.2 · EPSS 0.01409
Exploits 1 · References 1

Joomla! Vulnerable Extensions List
added 2020/05/07 12:00 a.m. · 31 views

[20200703] - Core - CSRF in com_privacy remove-request feature

A missing token check in the remove request section of com_privacy causes a CSRF vulnerability...

CVSS 6.8 · AI score 6.2 · EPSS 0.00594
Exploits 0 · Affected Software 1

OSV
added 2020/03/16 4:15 p.m. · 9 views

CVE-2020-10241

An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF...

CVSS 8.8 · AI score 6.7
Exploits 0 · References 1

Cvelist
added 2020/03/16 3:47 p.m. · 23 views

CVE-2020-10241

An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF...

AI score 9 · EPSS 0.00677
Exploits 0 · References 1

OSV
added 2020/01/28 9:15 p.m. · 13 views

CVE-2020-8419

An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities...

CVSS 8.8 · AI score 6.9
Exploits 0 · References 1

Tenable Nessus
added 2019/11/13 12:00 a.m. · 35 views

Joomla 3.2.x < 3.9.13 Multiple Vulnerabilities (5780-joomla-3-9-13)

According to its self-reported version, the instance of Joomla! running on the remote web server is 3.2.x prior to 3.9.13. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability...

CVSS 8.8 · AI score 6.7 · EPSS 0.01093
Exploits 0 · References 5

Cvelist
added 2019/11/06 1:35 a.m. · 20 views

CVE-2019-18650

An issue was discovered in Joomla! before 3.9.13. A missing token check in com_template causes a CSRF vulnerability...

AI score 8.7 · EPSS 0.00452
Exploits 0 · References 1

Joomla! Vulnerable Extensions List
added 2019/10/10 12:00 a.m. · 63 views

[20191001] - Core - CSRF in com_template overrides view

A missing token check in com_template causes a CSRF vulnerability...

CVSS 8.8 · AI score 8.4 · EPSS 0.00452
Exploits 0 · Affected Software 1

ATTACKERKB
added 2019/03/21 4:00 p.m. · 1 view

CVE-2018-19525

An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1TRUNK-20180914.bin devices. There is CSRF via /ui/?g=objkeywordsadd and /ui/?g=objkeywordsaddsave with resultant XSS because of a lack of csrf token validation...

CVSS 6.1 · AI score 5.5 · EPSS 0.00908
Exploits 3 · References 5

CNVD
added 2018/08/30 12:00 a.m. · 3 views

phpMyFAQ Cross-Site Request Forgery Vulnerability (CNVD-2018-17637)

phpMyFAQ is an open source, fully database-driven FAQ system developed by the phpMyFAQ team. The system supports multiple languages, multiple databases, etc., and includes modules such as content management system and community. A cross-site request forgery vulnerability exists...

CVSS 8.8 · AI score 8.8 · EPSS 0.01932
Exploits 0 · References 1

CNVD
added 2017/06/12 12:00 a.m. · 2 views

CSRF Vulnerability in Cicada CMS 6.2

Cicada Knowledge Enterprise Portal System is an open source and free enterprise portal system. A CSRF vulnerability exists in Cicada Knowledge CMS version 6.2. The vulnerability stems from the lack of token validation on the background page of Cicada Knowledge CMS, which leads to the triggering of...

AI score 7
Exploits 0

CNVD
added 2017/04/07 12:00 a.m. · 3 views

CSRF Cross-site Request Forgery Vulnerability at Add Administrator of Rice Shell Enterprise Website Builder 2016 Official Version

Rice Shell Enterprise Building System is an enterprise building and content management system. A CSRF cross-site request forgery vulnerability exists in Rice Shell Enterprise Website Builder System 2016 Official Version Add Administrator. As the packet of the add administrator operation is not token...

AI score 6.9
Exploits 0

seebug.org
added 2014/11/24 12:00 a.m. · 28 views

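phpyun CSRF changes a user's password

Brief description: phpyun CSRF changes a user's password. Details: The request that updates user information has no CSRF defense, so the user's email address can be changed. The password reset feature sends the recovery verification code to the email address in the user's information. The two can be combined. The request that modifies user information is:...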

AI score 7.1
Exploits 0