17 matches found
EUVD-2015-0781
Malware in sbrugna...
EUVD-2025-27204
Malicious code in bioql PyPI...
CVE-2025-42923
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. This has low impact on integrity and no impact on confidentiality and availability of the application...
SAP Fiori App Manage Work Center Groups Cross-Site Request Forgery Vulnerability
SAP Fiori App Manage Work Center Groups is an enterprise application from SAP with the ability to manage and maintain work center groups. A cross-site request forgery vulnerability exists in SAP Fiori App Manage Work Center Groups, which stems from insufficient CSRF protection and can be exploite...
CVE-2025-42923
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. This has low impact on integrity and no impact on confidentiality and availability of the application...
CVE-2025-42923
CVE-2025-42923 is a cross-site request forgery (CSRF) vulnerability in SAP Fiori App Manage Work Center Groups. An authenticated user could be tricked into sending unintended requests to the web server. The CVSS 3.1 vector indicates Network attack, Low attack complexity, Privileges Required: Low,...
CVE-2025-42923 Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (F4044 Manage Work Center Groups)
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. This has low impact on integrity and no impact on confidentiality and availability of the application...
CVE-2025-42923 Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori App (F4044 Manage Work Center Groups)
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. This has low impact on integrity and no impact on confidentiality and availability of the application...
PT-2025-36554
Name of the Vulnerable Software and Affected Versions: SAP Fiori App Manage Work Center Groups affected versions not specified Description: Insufficient Cross-Site Request Forgery CSRF protection exists in SAP Fiori App Manage Work Center Groups, potentially allowing an authenticated user to be...
SAP Fiori App Manage Work Center Groups 跨站请求伪造漏洞
SAP Fiori App Manage Work Center Groups is an enterprise application from SAP with the ability to manage and maintain work center groups. A cross-site request forgery vulnerability exists in SAP Fiori App Manage Work Center Groups, which stems from insufficient CSRF protection and can be exploite...
CVE-2022-30619
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the...
CVE-2022-30619
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the...
Sql injection
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the...
CVE-2022-30619 Agile Point - Agile Point NX SQL injection (SQLi)
Editable SQL Queries behind Base64 encoding sending from the Client-Side to The Server-Side for a particular API used in legacy Work Center module. He attack is available for any authenticated user, in any kind of rule. under the function : /AgilePointServer/Extension/FetchUsingEncodedData in the...
CVE-2018-2405
SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting...
CVE-2015-0768
The Device Work Center DWC component in Cisco Prime Network Control System NCS 2.10.0.85, 2.20.0.58, and 2.20.0.69 does not properly implement AAA roles, which allows remote authenticated users to bypass intended access restrictions and execute commands via a login session, aka Bug ID CSCur27371...
Cisco Prime Network Control System Unauthorized Configuration Vulnerability
A vulnerability in the authentication, authorization, and accounting AAA user roles of the Cisco Prime Network Control System NCS network management application could allow an authenticated, remote attacker who is logged in as a system monitor user to perform configuration tasks. The vulnerabilit...