8 matches found
CVE-2026-44430 MCP Registry: Unauthenticated SSRF: HTTP namespace verification dials 6to4 / NAT64 / site-local IPv6 addresses, bypassing private-address allowlist
The MCP Registry provides MCP clients with a list of MCP servers, like an app store for MCP servers. Prior to 1.7.7, the Registry's HTTP-based namespace verification POST /v0/auth/http, POST /v0.1/auth/http uses safeDialContext internal/api/handlers/v0/auth/http.go:67-110 to refuse dialling...
EUVD-2018-5731
Malware in sbrugna...
CVE-2019-15533
XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php...
Cross site request forgery (csrf)
Multiple Cross Site Request Forgery CSRF vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login...
CVE-2018-13793
Multiple Cross Site Request Forgery CSRF vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login...
CVE-2018-13793
Multiple Cross Site Request Forgery CSRF vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login...
CVE-2018-13793
Multiple Cross Site Request Forgery CSRF vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login...
CVE-2018-13793
CVE-2018-13793 concerns ABBYY FlexiCapture’s HTTP API with multiple CSRF vulnerabilities affecting Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login prior to 12 Release 1 Update 7. The affected surface is the HTTP API in the mentioned modules; exploitation deta...