Socomec DIRIS Digiware M-70 Cross-Site Request Forgery Vulnerability

The Socomec DIRIS Digiware M-70 is a communication gateway device that serves as an access point for the DIRIS Digiware system, which combines 24VDC power and communication functions in a single unit. A cross-site request forgery vulnerability exists in the Socomec DIRIS Digiware M-70 that stems...

WordPress plugin Depicter 跨站请求伪造漏洞

WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...

Car Rental Portal Cross-Site Request Forgery Vulnerability

Car Rental Portal is a rental car portal. Car Rental Portal suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is coming from a trusted user. The vulnerability can be exploited by an attacker to spoof a...

School Fees Payment System Cross-Site Request Forgery Vulnerability

School Fees Payment System is a tuition payment system. School Fees Payment System is vulnerable to a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is coming from a trusted user. No details of the vulnerability are...

WordPress Plugin LifterLMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

IBM Sterling B2B Integrator 安全漏洞

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with diverse partner communities. IBM Sterling B2B Integrator suffe...

IceCMS 跨站请求伪造漏洞

IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A cross-site request forgery vulnerability exists in IceCMS v2.0.1, which originates from a WEB application that does not adequately validate whether a request comes from a trusted user. An attack...

livehelperchat 跨站请求伪造漏洞

livehelperchat is available through live helper chat and can be used to provide live support on the website for free. A cross-site request forgery vulnerability previously existed in livehelperchat 2.0, which stemmed from a WEB application that did not adequately validate that a request was comin...

WordPress 跨站请求伪造漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Nifty Newsletters plugin 4.0.23 and earlier...

pajbot 跨站请求伪造漏洞

pajbot is a software application. A twitch chatbot. A cross-site request forgery vulnerability exists in versions prior to Pajbot 1.52, which stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could exploit the vulnerability to...

Esri Arcgis Server 代码问题漏洞

Esri Arcgis Server is the United States Esri company's a Web-oriented can be used to provide geographic location services, enterprise-class software platform. A security vulnerability exists in Esri ArcGIS Server versions prior to 10.8, which stems from a configuration that does not adequately...

McAfee Data Loss Prevention ePO extension Cross-Site Request Forgery Vulnerability

McAfee Data Loss Prevention Endpoint DLPe is an integrated endpoint data protection solution from McAfee, Inc. that prevents theft and accidental disclosure of confidential data and provides security policies for file processing and transmission, shared data flow control and data encryption. The...

Cross-Site Request Forgery Vulnerability in Multiple NETGEAR Products (CNVD-2020-28139)

The NETGEAR WAC505 and others are a wireless access point AP from NETGEAR. A cross-site request forgery vulnerability exists in multiple NETGEAR products, which stems from a WEB application that does not adequately validate that a request is coming from a trusted user, and can be exploited by an...

TopManage OLK Cross-Site Request Forgery Vulnerability

TopManage OLK is a suite of e-commerce management solutions from TopManage Panama. A cross-site request forgery vulnerability exists in TopManage OLK version 2020. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An...

WordPress marketo-forms-and-tracking cross-site request forgery vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. A cross-site request forgery vulnerability exists in wp-admin/admin.php?page=marketofat in WordPress marketo-forms-and-tracking plugin 1.0.2 and prior versions. The vulnerability stems from...

Cobbler Cross-Site Request Forgery Vulnerability (CNVD-2019-42585)

Cobbler is a network installation server suite for quickly setting up a Linux network installation environment. A cross-site request forgery vulnerability exists in Cobbler that stems from a WEB application that does not adequately validate that a request is coming from a trusted user, which can ...

Squid Cross-Site Request Forgery Vulnerability

Squid is a suite of proxy server and web caching server software. The software provides features such as caching the World Wide Web, filtering traffic, and proxying the Internet. A cross-site request forgery vulnerability exists in the HTTP request processing in Squid, which arises from a WEB...

Intelbras IWR 1000N Cross-Site Request Forgery Vulnerability

Intelbras IWR 1000N is a wireless router from Intelbras Poland. A cross-site request forgery vulnerability exists in the Intelbras IWR 1000N. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could exploit th...

CloudBees Jenkins Kmap Plugin Cross-Site Request Forgery Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software release/testing projects and some timed tasks . Kmap Plugin is used in one of the application release...