3 matches found
CVE-2022-40319
The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References IDOR attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account...
Cross site request forgery (csrf)
DedeCMS v6.1.9 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add Administrator accounts and modify Admin passwords...
KLA10247 Vulnerability in MailMArshal SMTP
An unspecified vulnerability was found in MailMarshal SMTP. By exploiting this vulnerability malicious users can modify arbitrary account information. This vulnerability can be exploited remotely via a specially designed UserId variable. Original advisories - Related products M86-MailMarshal-SMTP...