Lucene search
K

826 matches found

CVE
CVE
added 2026/05/26 5:30 p.m.49 views

CVE-2026-47202

Kavita (cross‑platform reading server) before version 0.9.0.2 is affected by an improper token validation flaw that allows a remote, unauthenticated attacker to obtain a JWT for any user, including admins, given knowledge of the username. The issue stems from inadequate validation of tokens and i...

9.3CVSS5.7AI score0.00171EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/26 4:45 p.m.12 views

EUVD-2026-31889

Lack of CSRF token validation lead to a CSRF attack vector in the admin activation endpoint of comusers...

4.6CVSS5.8AI score0.00104EPSS
Exploits0References1
NVD
NVD
added 2026/05/26 4:16 p.m.14 views

CVE-2026-46620

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS0.00133EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/26 3:4 p.m.9 views

EUVD-2026-31851

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 3:4 p.m.10 views

CVE-2026-46620

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/05/26 3:4 p.m.25 views

CVE-2026-46620

CVE-2026-46620 affects the e107 CMS. Prior to version 2.3.5, CSRF protection for comment moderation actions was weakened because session_handler::check() only validates a token if one is present; if no token exists, the check is skipped. This could allow unauthorized state changes via CSRF where ...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/26 3:4 p.m.9 views

CVE-2026-46620 e107: CSRF in comment.php moderation endpoints via token-optional validation in session_handler::check()

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 3:4 p.m.41 views

CVE-2026-46620 e107: CSRF in comment.php moderation endpoints via token-optional validation in session_handler::check()

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how sessionhandler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates...

6.5CVSS0.00133EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/26 12:0 a.m.11 views

Joomla! CMS 跨站请求伪造漏洞

Joomla! CMS is a content management system developed under the open source Joomla! framework. Joomla! CMS has a cross-site request forgeing vulnerability, which stems from the lack of CSRF token validation. This vulnerability may lead to cross-site request forgeing attacks at the comusers...

4.6CVSS5.7AI score0.00104EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.27 views

PT-2026-43291

Name of the Vulnerable Software and Affected Versions com users affected versions not specified Description Lack of Cross-Site Request Forgery CSRF token validation—a mechanism used to prevent unauthorized commands from being transmitted from a user the web application trusts—leads to a CSRF atta...

4.6CVSS5.8AI score0.00104EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.18 views

PT-2026-43353

Kavita is a cross platform reading server. Prior to 0.9.0.2, an Improper Token validation flaw permits a remote and unauthenticated threat actor to request a JWT for any user including admins given knowledge of their username. This vulnerability is fixed in 0.9.0.2...

9.3CVSS5.7AI score0.00171EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/26 12:0 a.m.11 views

PT-2026-43269

e107 is a content management system CMS. Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how session handler::check handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validate...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 4:26 p.m.13 views

CVE-2026-28735 GitHub OAuth Scope Validation

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the OAuth token scope on the callback which allows an authenticated Mattermost user to gain access to private repositories via modifying the scope parameter in the GitHub authorization URL...

5.4CVSS0.00138EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/21 9:30 p.m.6 views

Concrete CMS is Vulnerable to Cross-Site Request Forgery

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

8.8CVSS5.8AI score0.00132EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/05/21 9:16 p.m.17 views

CVE-2026-8428

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

8.8CVSS0.00132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/21 8:24 p.m.10 views

CVE-2026-8428 CSRF token is not validated in the core CMS update controller for Concrete CMS 9.5.0 and below

Concrete CMS 9.5.0 and below emits a CSRF token in the localavailableupdate.php view $token-output'doupdate' but the corresponding doupdate method in concrete/controllers/singlepage/dashboard/system/update/update.php never calls $this-token-validate'doupdate'. The form is rendered as a POST form,...

7.5CVSS5.7AI score0.00132EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/21 12:0 a.m.9 views

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions of Concrete CMS 9.5.0 and earlier had a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of validation of CSRF tokens, which could allow attackers to overwrite PHP files...

8.8CVSS5.8AI score0.00171EPSS
Exploits0References1
OSV
OSV
added 2026/05/20 3:45 p.m.5 views

GHSA-9QV9-8XV6-5P35 phpMyFAQ: Unauthenticated Password Reset Endpoint Allows User Enumeration and Forced Password Change Without Token Validation

Summary The password reset API can be triggered without authentication and without any out-of-band confirmation step. If an attacker knows a valid username + email pair, they can call the reset endpoint directly. The application immediately generates a new password, writes it to the account, and...

8.2CVSS5.8AI score0.00241EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/20 3:45 p.m.11 views

phpMyFAQ: Unauthenticated Password Reset Endpoint Allows User Enumeration and Forced Password Change Without Token Validation

Summary The password reset API can be triggered without authentication and without any out-of-band confirmation step. If an attacker knows a valid username + email pair, they can call the reset endpoint directly. The application immediately generates a new password, writes it to the account, and...

8.8CVSS5.8AI score0.00241EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2026/05/19 7:49 p.m.26 views

GHSA-HCF7-66RW-9F5R Turbo: Login callback CSRF/session fixation

Impact Turborepo's self-hosted login and SSO browser flows did not validate a CSRF state value on the localhost callback. While the CLI was waiting for authentication, a malicious web page could send a request to the local callback server with an attacker-controlled token. If accepted before the...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
Rows per page
Query Builder