Tag
#csrf
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
twill is vulnerable to Cross-Site Request Forgery (CSRF)
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
iCMS v7.0.15 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admincp.php?app=members&do=add.
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.
Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router.
Beeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery (CSRF) via mgt_end_user.htm.
Airangel HSMX Gateway devices through 5.2.04 allow CSRF.