12 matches found

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2009-3240

Malware in sbrugna...

3.6 CVSS, 6.4 AI score, 0.00864 EPSS
Exploits: 1, References: 3
RedhatCVE
added 2025/05/21 9:28 p.m., 6 views

CVE-2009-3257

vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile...

3.6 CVSS, 6.6 AI score, 0.00864 EPSS
Exploits: 1, References: 1
Huntr
added 2021/08/05 3:14 p.m., 14 views

Cross-Site Request Forgery (CSRF) in tsolucio/corebos

✍️ Description Attacker able to delete any Sales Order with CSRF attack because there is any CSRF protection for related endpoint. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know...

1.1 AI score
Exploits: 0
Huntr
added 2021/07/21 11:53 a.m., 4 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description CSRF bug to remove third-party from sales-order 🕵️‍♂️ Proof of Concept Here it does not check token parameter for csrf. You can remove token parameter from url. Below request is vulnerable to csrf attack when removing third-party from sales-order ....

1.5 AI score
Exploits: 0
Huntr
added 2021/07/21 11:48 a.m., 15 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description CSRF bug to classify bill of sales-order 🕵️‍♂️ Proof of Concept Here it does not check token parameter for csrf. You can remove token parameter from url. Below request is vulnerable to csrf attack when classify bill of sales-order ....

1 AI score
Exploits: 0
Cisco Threats
added 2016/10/19 7:45 p.m., 11 views

Threat Outbreak Alert RuleID25719: Email Messages Distributing Malicious Software on October 19, 2016

Medium Alert ID: 49356 First Published: 2016 October 19 19:45 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID25719 may contain the following files: Name |...

0.1 AI score
Exploits: 0
myhack58
added 2016/02/22 12:0 a.m., 18 views

magento < 1.9 xss vulnerability fix description-vulnerability warning-the black bar safety net

Magento XSS: the vulnerability description is not repeated here; a Baidu search finds it everywhere. Here is a simple record of the handling process; it is rather rough, and whether it is effective has not yet been verified. Edit the file app/design/adminhtml/default/default/template/sales/order/view/info.phtml and search for getCustomerEmail. There are t...

7.2 AI score
Exploits: 0
Cisco Threats
added 2015/10/26 1:44 p.m., 8 views

Threat Outbreak Alert RuleID18929: Email Messages Distributing Malicious Software on March 12, 2016

Medium Alert ID: 41699 First Published: 2015 October 26 13:44 GMT Last Updated: 2016 March 14 12:26 GMT Version: 10 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID18929 a...

6.7 AI score
Exploits: 0
Prion
added 2009/09/18 9:30 p.m., 12 views

Design/Logic Flaw

vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile...

3.6 CVSS, 6.8 AI score, 0.00864 EPSS
Exploits: 1, References: 2, Affected Software: 1
NVD
added 2009/09/18 9:30 p.m., 14 views

CVE-2009-3257

vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile...

3.6 CVSS, 6.2 AI score, 0.00864 EPSS
Exploits: 1, References: 2
CVE
added 2009/09/18 9:0 p.m., 54 views

CVE-2009-3257

CVE-2009-3257 in vtiger CRM affects vtiger CRM before 5.1.0. The vulnerability arises when remote authenticated users can bypass permissions on profile fields (Account Billing Address and Shipping Address) by creating a Sales Order associated with that profile. The description implies a permissio...

3.6 CVSS, 6.3 AI score, 0.00864 EPSS
Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2009/09/18 9:0 p.m., 18 views

CVE-2009-3257

vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the (1) Account Billing Address and (2) Shipping Address fields in a profile by creating a Sales Order (SO) associated with that profile...

6.2 AI score, 0.00864 EPSS
Exploits: 1, References: 2