Lucene search
K

823 matches found

EUVD
EUVD
added 2026/05/26 3:4 p.m.9 views

EUVD-2026-31851

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 3:4 p.m.9 views

CVE-2026-46620 e107: CSRF in comment.php moderation endpoints via token-optional validation in session_handler::check()

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 3:4 p.m.41 views

CVE-2026-46620 e107: CSRF in comment.php moderation endpoints via token-optional validation in session_handler::check()

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS0.00133EPSS
Exploits0References1
CVE
CVE
added 2026/05/26 3:4 p.m.24 views

CVE-2026-46620

CVE-2026-46620 affects the e107 CMS. Prior to version 2.3.5, CSRF protection for comment moderation actions was weakened because session_handler::check() only validates a token if one is present; if no token exists, the check is skipped. This could allow unauthorized state changes via CSRF where ...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 3:4 p.m.10 views

CVE-2026-46620

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.11 views

PT-2026-43269

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how session handler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validate...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.18 views

PT-2026-43353

Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given knowledge of their username. This vulnerability is fixed in 0.9.0.2...

9.3CVSS5.7AI score0.00171EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Joomla! CMS 跨站请求伪造漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site request forgeing vulnerability, which stems from the lack of CSRF token validation. This vulnerability may lead to cross-site request forgeing attacks at the comusers...

4.6CVSS5.7AI score0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.27 views

PT-2026-43291

Name of the Vulnerable Software and Affected Versions com users affected versions not specified Description Lack of Cross-Site Request Forgery CSRF token validation—a mechanism used to prevent unauthorized commands from being transmitted from a user the web application trusts—leads to a CSRF atta...

4.6CVSS5.8AI score0.00104EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/22 4:26 p.m.13 views

CVE-2026-28735 GitHub OAuth Scope Validation

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...

5.4CVSS0.00138EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/21 9:30 p.m.6 views

Concrete CMS is Vulnerable to Cross-Site Request Forgery

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

8.8CVSS5.8AI score0.00132EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/21 9:16 p.m.17 views

CVE-2026-8428

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

8.8CVSS0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 8:24 p.m.10 views

CVE-2026-8428 CSRF token is not validated in the core CMS update controller for Concrete CMS 9.5.0 and below

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

7.5CVSS5.7AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier had a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of validation of CSRF tokens, which could allow attackers to overwrite PHP files...

8.8CVSS5.8AI score0.00171EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/20 3:45 p.m.11 views

phpMyFAQ: Unauthenticated Password Reset Endpoint Allows User Enumeration and Forced Password Change Without Token Validation

Summary The password reset API can be triggered without authentication and without any out-of-band confirmation step. If an attacker knows a valid username + email pair, they can call the reset endpoint directly. The application immediately generates a new password, writes it to the account, and...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/05/20 3:45 p.m.5 views

GHSA-9QV9-8XV6-5P35 phpMyFAQ: Unauthenticated Password Reset Endpoint Allows User Enumeration and Forced Password Change Without Token Validation

Summary The password reset API can be triggered without authentication and without any out-of-band confirmation step. If an attacker knows a valid username + email pair, they can call the reset endpoint directly. The application immediately generates a new password, writes it to the account, and...

8.2CVSS5.8AI score0.00241EPSS
Exploits0References2
OSV
OSV
added 2026/05/19 7:49 p.m.26 views

GHSA-HCF7-66RW-9F5R Turbo: Login callback CSRF/session fixation

Impact Turborepo's self-hosted login and SSO browser flows did not validate a CSRF state value on the localhost callback. While the CLI was waiting for authentication, a malicious web page could send a request to the local callback server with an attacker-controlled token. If accepted before the...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
OSV
OSV
added 2026/05/19 7:42 p.m.4 views

GHSA-G53W-W6MJ-HRPP MCP Gateway: Authority-injection and JWT/session bypass via the unauthenticated router hair-pin "router-key" / "mcp-init-host" path

Summary The MCP router extproc exposes an initialize-method code path that, when a request carries an mcp-init-host header, bypasses the gateway JWT session validator and rewrites the upstream :authority header to whatever the caller chooses, gated only by a single shared header value router-key...

9.3CVSS5.9AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/19 4:17 p.m.18 views

Github Actions issued GITHUB_TOKEN disclosure in GitHub Actions logs

Summary Composer leaks the full contents of tokens configured as GitHub OAuth tokens if they do not match Composer's expected format for such tokens to stderr. GitHub has introduced a new format for GitHub Actions GITHUBTOKEN values. These tokens are validated in the same way by Composer on GitHu...

5.7AI score0.00079EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/17 1:16 p.m.17 views

CVE-2018-25327

Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform state-changing actions without token validation. Attackers can craft malicious HTML forms targeting administrative endpoints like job.jobenforcedelete to delete job entries or modi...

6.9CVSS0.00143EPSS
Exploits0References4
Rows per page
Query Builder