Security
Headlines
HeadlinesLatestCVEs

Tag

#csrf

CVE-2021-3683: huntr: Cross-Site Request Forgery (CSRF) JavaScript Vulnerability in showdoc

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

CVE
Open in Source
#csrf#vulnerability#java
CVE-2020-21141: just_for_fun/ICMS CSRF at master · hxcc/just_for_fun

iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=members&do=add.

CVE-2021-43332: Bug #1949403 “A vulnerability could allow a list moderator to di...” : Bugs : GNU Mailman

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.

CVE-2021-43332: Bug #1949403 “A vulnerability could allow a list moderator to di...” : Bugs : GNU Mailman

In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.

CVE-2020-28137: Offensive Security’s Exploit Database Archive

Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router.

CVE-2021-41426: CSRF уязвимость в роутере Smart box 2.0.38 - CVE-2021-41426

Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery (CSRF) via mgt_end_user.htm.

CVE-2021-40518: HSMX Gateway - Airangel - WiFi solutions

Airangel HSMX Gateway devices through 5.2.04 allow CSRF.