Lucene search
K

4 matches found

seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Zenoss 2.3.3 Multiple Cross Site Request Forgery Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/37843/info Zenoss is prone to multiple cross-site request-forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain administrative actions, execute arbitrary commands, gain unauthoriz...

7.1AI score
Exploits0
NVD
NVD
added 2010/02/26 5:30 p.m.17 views

CVE-2010-0713

Multiple cross-site request forgery CSRF vulnerabilities in Zenoss 2.3.3, and other versions before 2.5, allow remote attackers to hijack the authentication of an administrator for 1 requests that reset user passwords via zport/dmd/ZenUsers/admin, and 2 requests that change user commands, which...

6.8CVSS7.5AI score0.01946EPSS
Exploits1References6
Cvelist
Cvelist
added 2010/02/26 5:3 p.m.18 views

CVE-2010-0712

Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the 1 severity, 2 state, 3 filter, 4 offset, and 5 count parameters...

8AI score0.01978EPSS
Exploits1References7
Packet Storm
Packet Storm
added 2010/01/17 12:0 a.m.25 views

Zenoss 2.3.3 Cross Site Request Forgery

nGenuity Information Services - Security Advisory Advisory ID: NGENUITY-2010-002 - Zenoss Multiple Admin CSRF Application: Zenoss 2.3.3 Vendor: Zenoss Vendor website: http://www.zenoss.com Author: Adam Baldwin [email protected] I. BACKGROUND Zenoss is a commercial and open source system...

0.5AI score
Exploits0
Rows per page
Query Builder