Lucene search
K

4 matches found

Veracode
Veracode
added 2018/08/29 3:13 a.m.28 views

Cross Site Request Forgery (CSRF)

phpMyFAQ/phpMyFAQ is vulnerable to cross-site request forgery CSRF. The vulnerability exists because it does not check CSRF token properly in user.php, allowing the attacker to delete any active user, to remove open questions, to manipulate FAQ and FAQ news, to add votes and to add or delete...

8.8CVSS8.5AI score0.01932EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2004/12/31 5:0 a.m.18 views

CVE-2004-2615

The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact...

4.6CVSS6.6AI score0.00331EPSS
Exploits0References4
exploitpack
exploitpack
added 2004/09/07 12:0 a.m.12 views

UtilMind Solutions Site News 1.1 - Authentication Bypass

UtilMind Solutions Site News 1.1 - Authentication Bypass source: https://www.securityfocus.com/bid/11126/info Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error. An unauthenticated attacker can leverage th...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2004/09/07 12:0 a.m.16 views

UtilMind Solutions Site News 1.1 - Authentication Bypass

source: https://www.securityfocus.com/bid/11126/info Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error. An unauthenticated attacker can leverage this issue to display and manipulate arbitrary news items...

7AI score
Exploits0
Rows per page
Query Builder