3 matches found
CVE-2021-29436
Anuko Time Tracker is an open source, web-based time tracking application written in PHP. In Time Tracker before version 1.19.27.5431 a Cross site request forgery CSRF vulnerability existed. The nature of CSRF is that a logged on user may be tricked by social engineering to click on an...
Cross-Site Request Forgery (CSRF) in star7th/showdoc
Description I found that the CSRF vulnerability that I reported to you before https://huntr.dev/bounties/1d8439e8-b3f7-40f8-8b30-f9cb05ff2bcd/ can still be exploited via the GET request. An attacker is able to do unintentional action in the victim account by tricking other users clicking on the...
Cross site request forgery (csrf)
A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 see notification for affected versions, that could cause a user to perform an unintended action on the target device when using the HTTP web...