Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

RedhatCVE
RedhatCVEadded 2025/11/08 12:55 a.m.2 views

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

6.5CVSS7AI score0.00028EPSS
Exploits1References1
OSV
OSVadded 2025/11/07 6:15 p.m.1 views

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

6.5CVSS5.8AI score0.00028EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2025/11/07 12:0 a.m.1 views

CVE-2025-63716

The SourceCodester Leads Manager Tool v1.0 is vulnerable to Cross-Site Request Forgery CSRF attacks that allow unauthorized state-changing operations. The application lacks CSRF protection mechanisms such as anti-CSRF tokens or same-origin verification for critical endpoints...

6.5AI score0.00028EPSS
Exploits1References2
CVE
CVEadded 2025/11/07 12:0 a.m.6 views

CVE-2025-63716

The CVE-2025-63716 entry concerns SourceCodester Leads Manager Tool v1.0, which is vulnerable to Cross-Site Request Forgery (CSRF). The root cause stated across sources is lack of CSRF protection mechanisms (no anti-CSRF tokens and no same-origin verification) on critical endpoints, enabling unau...

6.5CVSS6.6AI score0.00028EPSS
Exploits1References2Affected Software1
GithubExploit
GithubExploitadded 2025/04/30 1:53 p.m.322 views

Exploit for Cross-Site Request Forgery (CSRF) in Nosurf_Project Nosurf

CVE-2025-46721: CSRF...

6.1CVSS9.2AI score0.00044EPSS
Exploits2
Tenable Nessus
Tenable Nessusadded 2016/05/19 12:0 a.m.40 views

Ubuntu 14.04 LTS / 16.04 LTS : Oxide vulnerabilities (USN-2960-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2960-1 advisory. An out of bounds write was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potential...

9.8CVSS8.1AI score0.01626EPSS
Exploits2References10
Tenable Nessus
Tenable Nessusadded 2007/10/17 12:0 a.m.258 views

openSUSE 10 Security Update : seamonkey (seamonkey-3984)

This update fixes several security issues in Mozilla SeaMonkey 1.1.3. Following security problems were fixed : - MFSA 2007-18: Crashes with evidence of memory corruption The usual collection of stability fixes for crashes that look suspicious but haven't been proven to be exploitable. 25 were in...

9.3CVSS8.5AI score0.50118EPSS
Exploits10References9
Mozilla
Mozillaadded 2007/07/17 12:0 a.m.27 views

Unauthorized access to wyciwyg:// documents — Mozilla

Michal Zalewski reported that it was possible to bypass the same-origin checks and read from cached wyciwyg documents. It is possible to access wyciwyg:// documents without proper same domain policy checks through the use of HTTP 302 redirects. This enables the attacker to steal sensitive data...

6.8CVSS0.9AI score0.06604EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder