#csrf

CVE-2022-35611: CVE-ID: CVE-2022-35611

A Cross-Site Request Forgery (CSRF) in MQTTRoute v3.3 and below allows attackers to create and remove dashboards.

2 years ago

#xss #csrf #web #windows #js #java #firefox

CVE-2022-34022: CVE-ID: CVE-2022-34022

SQL injection vulnerability in ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 via a crafted POST request to /ResiotQueryDBActive.

2 years ago

CVE

Open in Source

#sql #csrf #vulnerability #windows #firefox

CVE-2022-41474: There is a CSRF vulnerability that can change the password of any account · Issue #3 · ralap-z/rpcms

RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily change the password of any account.

2 years ago

CVE

Open in Source

#csrf #vulnerability #git

CVE-2022-41489: IOT_Vulnerability_Discovery/3_csrf.md at main · splashsc/IOT_Vulnerability_Discovery

WAYOS LQ_09 22.03.17V was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to send crafted requests to the server from the affected device. This vulnerability is exploitable due to a lack of authentication in the component Usb_upload.htm.

2 years ago

CVE

Open in Source

#csrf #vulnerability #auth

CVE-2022-41475: There is a CSRF vulnerability that can add an administrator account · Issue #2 · ralap-z/rpcms

RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add an administrator account.

2 years ago

CVE

Open in Source

#csrf #vulnerability

CVE-2022-34020: Cross-Site Request Forgery Prevention - OWASP Cheat Sheet Series

Cross Site Request Forgery (CSRF) vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts.

2 years ago

CVE

Open in Source