5 matches found
Authentication Bypass
firefox is vulnerable to authentication bypass. The vulnerability exists because preload cache bypasses subresource integrity when loading a script which allows an attacker to gain access to internal system and perform unwanted action...
Cross-Site Request Forgery (CSRF) in justingit/dada-mail
✍️ Description Attacker able to delete any Profile filed with CSRF attack. In CSRF attacks it is necessary that a user logged into your application and just going to a malicious website and after that only with a redirection attacker can perform attack on unprotected endpoint, this means only with...
Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php
✍️ Description Attacker able to rename any file with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in namelessmc/nameless
✍️ Description Attacker able to delete any custom page with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...
CVE-2020-25766
An issue was discovered in MISP before 2.4.132. It can perform an unwanted action because of a POST operation on a form that is not linked to the login page...