13 matches found
CVE-2026-43877
CVE-2026-43877 (WWBN/AVideo) : CSRF in objects/userSavePhoto.php allows a logged‑in user’s profile photo to be overwritten with arbitrary bytes via a crafted cross‑origin POST, due to missing CSRF protection (the endpoint does not use the .json.php suffix and is excluded from autoCSRFGuard), no t...
CVE-2026-36956
A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An...
CVE-2026-40909
WWBN AVideo (pre-29.0) contains a path traversal in locale/save.php that concatenates $_POST['flag'] into the target path and writes $_POST['code'] to that path via fwrite(), allowing an attacker with admin access or CSRF to write arbitrary PHP files outside locale/ and achieve Remote Code Execut...
PT-2026-26766
Summary: The Gallery plugin's saveSort.json.php endpoint passes unsanitized user input from the $_REQUEST['sections'] array values directly into PHP's eval function. While the endpoint is gated behind User::isAdmin, it has no CSRF token validation. Combined with AVideo's explicit SameSite=None session...
CVE-2025-13283
TenderDocTransfer developed by Chunghwa Telecom has an Arbitrary File Copy and Paste vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection in the APIs, unauthenticated remote attackers could...
CVE-2025-13282
TenderDocTransfer (Chunghwa Telecom) exposes a combination of flaws: (1) an Absolute Path Traversal within one API that could allow deletion of arbitrary files on the user’s system, and (2) APIs with no CSRF protection, enabling unauthenticated remote attackers to trigger actions via phishing. Th...
PT-2025-44318
Name of the Vulnerable Software and Affected Versions: BLU-IC2 versions through 1.19.5; BLU-IC4 versions through 1.19.5. Description: A systemic lack of Cross-Site Request Forgery (CSRF) token implementation exists. This complete absence of CSRF protections in BLU-IC controllers allows for trivial...
EUVD-2025-36108
The IDonate WordPress plugin before 2.1.13 does not have authorisation and CSRF checks when deleting users via an action handler, allowing unauthenticated attackers to delete arbitrary users...
EUVD-2021-11530
Malware in sbrugna...
CVE-2024-8065 CSRF in danswer-ai/danswer
A Cross-Site Request Forgery CSRF vulnerability in version v1.4.1 of danswer-ai/danswer allows attackers to perform unauthorized actions in the context of the victim's browser. This includes connecting the victim's application with a malicious Slack Bot, inviting users, and deleting chats, among...
Lantronix xPrintServer Remote Command Execution / CSRF
Hi, The Lantronix xPrintServer is a small Linux powered print server for iOS. Main configuration happens through a web interface. The problem is that the configuration happens through some RPC interface; the web interface uses AJAX requests to talk to a CGI script that simply executes shell...
ManageEngine MSPCentral 9 CSRF / Cross Site Scripting Vulnerability
ManageEngine MSPCentral version 9 suffers from cross site request forgery, insecure session cookies, and cross site scripting vulnerabilities. Multiple vulnerabilities in ManageEngine MSPCentral 9 ------------------------------------------------------------ Background ---------- At Kiwicon 6 in m...
ManageEngine MSPCentral 9 Cross Site Request Forgery / Cross Site Scripting
REDACTED ADVISORY RA004: Multiple vulnerabilities in ManageEngi...