
22 matches found

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2018-8807

Malware in sbrugna...

CVSS 8.8, AI score 8.8, EPSS 0.00614
Exploits: 1, References: 2
RedhatCVE
added 2025/05/22 1:53 p.m., 16 views

CVE-2014-3792

Cross-site request forgery (CSRF) vulnerability in Beetel 450TC2 Router with firmware TX6-0Q-005retail allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the uiViewToolsPassword and uiViewToolsPasswordConfirm parameters to...

CVSS 6.8, AI score 7.8, EPSS 0.02281
Exploits: 1, References: 1
NVD
added 2024/02/03 9:15 a.m., 24 views

CVE-2023-43183

Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account...

CVSS 8.8, AI score 8.8, EPSS 0.01178
Exploits: 3, References: 3
CVE
added 2024/02/03 12:00 a.m., 49 views

CVE-2023-43183

CVE-2023-43183 affects Reprise License Manager (RLM) v15.1. An incorrect access control vulnerability allows a read-only user to arbitrarily change an administrator’s password and hijack the admin account. The issue is documented across multiple sources (NVD/Red Hat/CVE list) and has public PoCs/...

CVSS 8.8, AI score 8.7, EPSS 0.01178
Exploits: 3, References: 3, Affected Software: 1
Cvelist
added 2024/02/03 12:00 a.m., 35 views

CVE-2023-43183

Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account...

AI score 8.9, EPSS 0.01178
Exploits: 3, References: 2
NVD
added 2023/07/11 3:15 a.m., 16 views

CVE-2023-36917

SAP BusinessObjects Business Intelligence Platform - version 420, 430, allows an unauthorized attacker who had hijacked a user session, to be able to bypass the victim’s old password via brute force, due to unrestricted rate limit for password change functionality. Although the attack has no impa...

CVSS 7.5, AI score 6.6, EPSS 0.0049
Exploits: 0, References: 2
Prion
added 2019/12/27 9:15 p.m., 20 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in D-Link DWR-113 Rev. Ax with firmware before 2.03b02 allows remote attackers to hijack the authentication of administrators for requests that change the admin password via unspecified vectors...

CVSS 6.8, AI score 7.8, EPSS 0.02889
Exploits: 5, References: 3, Affected Software: 1
NVD
added 2018/09/13 7:29 p.m., 17 views

CVE-2018-17023

Cross-site request forgery (CSRF) vulnerability on ASUS GT-AC5300 routers with firmware through 3.0.0.4.38432738 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via a request to startapply.htm...

CVSS 8.8, AI score 9, EPSS 0.00614
Exploits: 1, References: 1
NVD
added 2017/07/21 2:29 p.m., 24 views

CVE-2017-9415

Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view...

CVSS 7.5, AI score 7.7, EPSS 0.02478
Exploits: 5, References: 1
OSV
added 2017/07/17 1:18 p.m., 9 views

CVE-2017-1000008

Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password...

CVSS 8.8, AI score 7
Exploits: 0, References: 1
0day.today
added 2017/01/01 12:00 a.m., 76 views

Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: CSRF XFINITY Gateway product Technicolor (previously Cisco) DPC3941T Date: 09/08/2016 Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The Device DPC3941T is vulnerable to...

CVSS 7.9, AI score 0.4, EPSS 0.03329
Exploits: 6
CVE
added 2013/11/22 1:00 a.m., 50 views

CVE-2013-6852

CVE-2013-6852 affects HP 2620 switches, specifically the vulnerable component is the html/json.html CSRF implementation. The issue allows remote attackers to hijack administrator authentication and issue requests that change the device password via the setPassword method. The underlying root caus...

CVSS 6.8, AI score 7.5, EPSS 0.01507
Exploits: 1, References: 1, Affected Software: 1
NVD
added 2013/08/20 2:55 p.m., 20 views

CVE-2013-5316

Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via an edit user action to cms/index.php...

CVSS 6.8, AI score 7.2, EPSS 0.02268
Exploits: 1, References: 4
Cvelist
added 2013/08/20 2:00 p.m., 20 views

CVE-2013-5316

Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via an edit user action to cms/index.php...

AI score 7.2, EPSS 0.02268
Exploits: 1, References: 4
Prion
added 2013/04/25 10:55 a.m., 19 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords...

CVSS 6.8, AI score 7.5, EPSS 0.00643
Exploits: 0, References: 4, Affected Software: 3
Prion
added 2012/10/08 6:55 p.m., 11 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the rootpass parameter...

CVSS 6.8, AI score 7.8, EPSS 0.01074
Exploits: 1, References: 2
Prion
added 2012/02/21 1:31 p.m., 12 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in modules/config/adminutente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that change account information via an update action, as demonstrated by changing the password...

CVSS 6.8, AI score 7.5, EPSS 0.01061
Exploits: 1, References: 3, Affected Software: 1
Exploit DB
added 2011/11/27 12:00 a.m., 32 views

Linux/MIPS - add user (UID 0) with password - 164 bytes

Linux/MIPS - add user (UID 0) with password - 164 bytes. Shellcode exploit for linux platform / Title: Linux/MIPS - add user (UID 0) with password - 164 bytes Date: 2011-11-24 Author: rigan - imrigan at gmail.com Note: Username - rOOt Password - pwn3d / include char sc = "\x24\x09\x73\x50" // li t1,2952...

Exploits: 0
NVD
added 2010/04/27 3:30 p.m., 16 views

CVE-2009-4827

Cross-site request forgery (CSRF) vulnerability in admin.php in Mail Manager Pro allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a change action...

CVSS 6.8, AI score 7.2, EPSS 0.00943
Exploits: 1, References: 3
ThreatPost
added 2010/04/12 4:59 p.m., 16 views

WordPress Hack Linked to Database Password Hijack

Malicious hackers have found a way to hijack WordPress database credentials and use that information to redirect thousands of blogs to Web sites laden with malware. The attacks, which started last Friday, occurred mostly on WordPress blogs hosted by Network Solutions but it appears that there are...

AI score 1
Exploits: 0, References: 3