Lucene search
K

56 matches found

NVD
NVD
added 2008/12/10 6:44 a.m.12 views

CVE-2008-5400

Multiple cross-site request forgery CSRF vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to 1 create forums, 2 change account privileges, 3 enable accounts, or 4 disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers...

6.8CVSS7.1AI score0.00703EPSS
Exploits0References8
Prion
Prion
added 2008/12/10 6:44 a.m.14 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to 1 create forums, 2 change account privileges, 3 enable accounts, or 4 disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers...

6.8CVSS7.4AI score0.00703EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2008/07/14 11:41 p.m.22 views

CVE-2008-3171

Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

5CVSS5.6AI score0.01182EPSS
Exploits0References3
Prion
Prion
added 2008/07/14 11:41 p.m.18 views

Information disclosure

Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

5CVSS6.1AI score0.01182EPSS
Exploits0References3
CVE
CVE
added 2008/07/14 11:0 p.m.42 views

CVE-2008-3171

CVE-2008-3171 concerns Apple Safari leaking Referer headers that contain https URLs to other https sites. The description indicates this can let remote attackers obtain potentially sensitive information by reading Referer log data. Affected software is Safari; the root cause is the inclusion of h...

5CVSS5.7AI score0.01182EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2008/07/14 11:0 p.m.19 views

CVE-2003-1559

Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

6.2AI score0.158EPSS
Exploits0References5
Cvelist
Cvelist
added 2008/07/14 11:0 p.m.25 views

CVE-2003-1561

Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

6.2AI score0.00968EPSS
Exploits0References2
CVE
CVE
added 2008/07/14 11:0 p.m.47 views

CVE-2003-1561

Technical details about CVE-2003-1561 are not publicly provided in the supplied documents; no patched versions, affected products, or impact specifics are included. Monitor for updates.

4.3CVSS6.6AI score0.00968EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2008/07/14 11:0 p.m.24 views

CVE-2008-3171

Apple Safari sends Referer headers containing https URLs to different https web sites, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

5.6AI score0.01182EPSS
Exploits0References3
Cvelist
Cvelist
added 2008/07/14 11:0 p.m.21 views

CVE-2003-1560

Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

6.2AI score0.01064EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.0 views

Flash Player allows to send arbitrary Referer headers

Overview Flash Player from Adobe contains a vulnerability allowing to send arbitrary Referer headers. Flash Player from Adobe is a multimedia and application browser plugin for viewing Adobe Flash contents. Flash Player contains a vulnerability allowing to send arbitrary Referer headers. Impact A...

4.3CVSS6.7AI score0.06727EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2007/11/26 11:46 p.m.28 views

CVE-2007-5960

Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer headers and bypass Referer-based CSRF protecti...

4.3CVSS5.8AI score0.01469EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2007/07/11 4:30 p.m.33 views

CVE-2007-3457

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file...

4.3CVSS5.9AI score0.06727EPSS
Exploits0References1
Cvelist
Cvelist
added 2007/07/11 4:0 p.m.30 views

CVE-2007-3457

Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which might allow remote attackers to conduct a CSRF attack via a crafted SWF file...

6.3AI score0.06727EPSS
Exploits0References16
NVD
NVD
added 2003/12/31 5:0 a.m.11 views

CVE-2003-1559

Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

5CVSS6.2AI score0.158EPSS
Exploits0References5
NVD
NVD
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1560

Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data...

5CVSS6.2AI score0.01064EPSS
Exploits0References2
Rows per page
Query Builder