6 matches found
CVE-2021-41245
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by privUITransactionFile aren't properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop conf...
CVE-2021-41245
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by privUITransactionFile aren't properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop conf...
Cross site request forgery (csrf)
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by privUITransactionFile aren't properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop conf...
CVE-2021-41245
CVE-2021-41245 affects Combodo iTop prior to 2.7.6 and 3.0.0 where CSRF tokens generated by privUITransactionFile are not properly checked. RH and Red Hat entries corroborate the same issue and note that versions 2.7.6 and 3.0.0 include a patch. A workaround is to use a session-based implementati...
CVE-2021-41245 Possible Cross-Site Request Forgery in Combodo iTop
Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.6 and 3.0.0, CSRF tokens generated by privUITransactionFile aren't properly checked. Versions 2.7.6 and 3.0.0 contain a patch for this issue. As a workaround, use the session implementation by adding in the iTop conf...
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass
FiberHome VDSL2 Modem HG 150-UB - Authentication Bypass Exploit Title: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass Date: 04/03/2018 Exploit Author: Noman Riffat Vendor Homepage: http://www.fiberhome.com/ CVE : CVE-2018-9248, CVE-2018-9248 The vulnerability exists in plain text & hard...