Lucene search
K

117 matches found

CNNVD
CNNVD
added 2024/08/25 12:0 a.m.3 views

CyberArk Identity Management 安全漏洞

CyberArk Identity Management is an identity management program from CyberArk Israel. CyberArk Identity Management suffers from a security vulnerability that stems from client-side execution of server-side security. No detailed vulnerability details are provided at this time...

8.3CVSS6.9AI score0.00324EPSS
Exploits0References2
OSV
OSV
added 2024/05/17 9:15 a.m.5 views

CVE-2024-32685

Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.2.5...

5.3CVSS5.8AI score0.00388EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 8:59 a.m.16 views

CVE-2024-32685 WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability

Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass.This issue affects Wp Ultimate Review: from n/a through 2.2.5...

5.3CVSS6.9AI score0.00388EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:56 a.m.24 views

CVE-2024-32521 WordPress Zero Spam for WordPress plugin <= 5.5.6 - Bypass Spam Protection vulnerability

Client-Side Enforcement of Server-Side Security vulnerability in Highfivery LLC Zero Spam allows Removing Important Client Functionality.This issue affects Zero Spam: from n/a through 5.5.6...

5.3CVSS5.3AI score0.00351EPSS
Exploits0References1
CVE
CVE
added 2024/05/17 8:56 a.m.73 views

CVE-2024-32521

CVE-2024-32521 affects the WordPress plugin Zero Spam by Highfivery (versions

5.3CVSS5.3AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:56 a.m.23 views

CVE-2024-32512 WordPress weForms plugin <= 1.6.20 - Form Submission Restriction Bypass vulnerability

Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing Important Client Functionality.This issue affects weForms: from n/a through 1.6.20...

5.3CVSS5.3AI score0.00342EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 8:56 a.m.14 views

CVE-2024-32512 WordPress weForms plugin <= 1.6.20 - Form Submission Restriction Bypass vulnerability

Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing Important Client Functionality.This issue affects weForms: from n/a through 1.6.20...

5.3CVSS6.9AI score0.00342EPSS
Exploits0References1
CVE
CVE
added 2024/05/17 8:56 a.m.55 views

CVE-2024-32512

The CVE-2024-32512 entry concerns the WordPress weForms plugin (versions up to and including 1.6.20) with a Form Submission Restriction Bypass issue caused by Client-Side Enforcement of Server-Side Security. Affected component: weForms form submission logic; root cause: client-side enforcement al...

5.3CVSS6.8AI score0.00342EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.9 views

PT-2024-24771 · Unknown · Wp Ultimate Review

Name of the Vulnerable Software and Affected Versions: Wp Ultimate Review versions 2.2.5 and earlier Description: The issue is related to a Client-Side Enforcement of Server-Side Security vulnerability, allowing functionality bypass in Wpmet Wp Ultimate Review. Recommendations: For versions 2.2.5...

5.3CVSS6.8AI score0.00388EPSS
Exploits0References6
CVE
CVE
added 2024/05/14 4:19 p.m.53 views

CVE-2024-31491

CVE-2024-31491 affects Fortinet FortiSandbox components (FortiSandbox 4.2.0–4.2.6 and 4.4.0–4.4.4). The issue stems from client-side enforcement of server-side security, enabling an attacker to execute unauthorized code or commands via HTTP requests. The connected sources specify the affected ver...

8.8CVSS7.1AI score0.00834EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/03/02 3:15 a.m.19 views

CVE-2024-25063

Due to insufficient server-side validation, a successful exploit of this vulnerability could allow an attacker to gain access to certain URLs that the attacker should not have access to...

7.5CVSS7.6AI score0.00567EPSS
Exploits0References1
NVD
NVD
added 2023/12/18 10:15 p.m.23 views

CVE-2023-23570

Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior. This issue affects: Gallagher Command Centre 8.90 prior to vEL8.90.1620 MR2, all versions of 8.80 and prior...

8.1CVSS0.00666EPSS
Exploits0References1
Prion
Prion
added 2023/12/18 10:15 p.m.16 views

Security feature bypass

Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior. This issue affects: Gallagher Command Centre 8.90 prior to vEL8.90.1620 MR2, all versions of 8.80 and prior...

5.5CVSS7.3AI score0.00666EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/18 9:59 p.m.8 views

CVE-2023-23570

Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior. This issue affects: Gallagher Command Centre 8.90 prior to vEL8.90.1620 MR2, all versions of 8.80 and prior...

5.4CVSS7AI score0.00666EPSS
Exploits0References1
CVE
CVE
added 2023/12/18 9:59 p.m.49 views

CVE-2023-23570

Gallagher Command Centre is affected by CVE-2023-23570 due to client-side enforcement bypassing server-side security, which can lead to invalid configurations and undefined behavior. Affected products and versions include Gallagher Command Centre 8.80 and prior, and 8.90 prior to vEL8.90.1620 (MR...

8.1CVSS8.1AI score0.00666EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/18 9:59 p.m.25 views

CVE-2023-23570

Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed and lead to invalid configuration with undefined behavior. This issue affects: Gallagher Command Centre 8.90 prior to vEL8.90.1620 MR2, all versions of 8.80 and prior...

5.4CVSS8.4AI score0.00666EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/12/18 12:0 a.m.5 views

PT-2023-19049 · Gallagher · Gallagher Command Centre

Name of the Vulnerable Software and Affected Versions: Gallagher Command Centre versions 8.80 and prior Gallagher Command Centre versions 8.90 prior to vEL8.90.1620 MR2 Description: The Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed, leading to...

8.1CVSS8.1AI score0.00666EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/10/10 4:48 p.m.23 views

CVE-2023-42787

A client-side enforcement of server-side security CWE-602 vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client side code execution...

6.5CVSS6.9AI score0.01372EPSS
Exploits1References2
OSV
OSV
added 2023/08/08 6:15 p.m.1 views

CVE-2023-39218

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access...

4.9CVSS5.8AI score0.00931EPSS
Exploits0References1
NVD
NVD
added 2023/08/08 6:15 p.m.20 views

CVE-2023-36535

Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow an authenticated user to enable information disclosure via network access...

7.1CVSS6.6AI score0.01032EPSS
Exploits0References1
Rows per page
Query Builder