Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

CRM Education Akademik 9.0 Directory Traversal

CRM Education Akademik version 9.0 suffers from a directory traversal vulnerability.

Packet Storm
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#java#php#perl#auth#ruby#firefox
Courier Deprixa Pro Integrated Web System 3.2.5 Cross Site Request Forgery

Courier Deprixa Pro Integrated Web System version 3.2.5 suffers from a cross site request forgery vulnerability.

CVE-2023-33534

A Cross-Site Request Forgery (CSRF) in Guanzhou Tozed Kangwei Intelligent Technology ZLTS10G software version S10G_3.11.6 allows attackers to takeover user accounts via sending a crafted POST request to /goform/goform_set_cmd_process.

CVE-2023-3508

The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when processing its tab actions, which could allow attackers to make logged in admins email pre-orders customer, change the released date, mark all pre-orders of a specific product as complete or cancel via CSRF attacks

CVE-2023-3507

The WooCommerce Pre-Orders WordPress plugin before 2.0.3 has a flawed CSRF check when canceling pre-orders, which could allow attackers to make logged in admins cancel arbitrary pre-orders via a CSRF attack