映射到 CWE-352 的搜索结果 (1269)

CVE-2017-2138(发布:2017-08-02 12:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to hijack the authentication of administrators via unspecified vectors.

CVE-2017-11648(发布:2017-07-31 19:29:00)N
CVSS6.8

[原文]Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering.

CVE-2017-11726(发布:2017-07-31 19:29:00)N
CVSS6.8

[原文]services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting.

CVE-2016-9716(发布:2017-07-31 17:29:00)NMS
CVSS6.8

[原文]IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119729.

CVE-2016-9714(发布:2017-07-31 17:29:00)NMS
CVSS6.8

[原文]IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119727.

CVE-2017-9489(发布:2017-07-30 23:29:00)NM
CVSS6.8

[原文]The Comcast firmware on Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST) devices allows configuration changes via CSRF.

首页上一页12345678下一页尾页 第2页 / 共212页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站