9 matches found
EUVD-2020-6191
Malware in sbrugna...
EUVD-2018-8943
Malware in sbrugna...
Improper Access Control
@finos/git-proxy is vulnerable to improper access control. The vulnerability is due to bypassing policies and explicit approvals when pushing to remote repositories, which allows an attacker to push code containing secrets or unwanted changes without required checks or plugin execution...
CSRF Edit Locale files
Description: CSRF edit Locale files. Proof of Concept: 1. Attacker sends fake requests to users: history.pushState('', '', '/'); document.forms[0].submit(); 2. User clicks, edited unwanted Locale files. Payload PoC: https://drive.google.com/file/d/1wpgmDoK0fGsiPSKfThVoEWq50pj7sBz5/view?usp=sharing Video PoC...
Cross site request forgery (csrf)
Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules or changing a password...
CVE-2020-14025
Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules or changing a password...
Cross site request forgery (csrf)
Wowza Streaming Engine 4.8.0 and earlier suffers from multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as adding another admin user via enginemanager/server/user/edit.htm in the Server-Users component. This issue w...
Cross site request forgery (csrf)
PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery (CSRF) vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into making unwanted changes to a printer (Disable, Approve, etc.)...
CVE-2013-2868
Removed by vendor...