映射到 CWE-352 的搜索结果 (1421)

CVE-2018-9856(发布:2018-04-09 03:29:00)NM
CVSS6.8

[原文]Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request.

CVE-2014-5034(发布:2018-04-06 12:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection page to wp-admin/options-general.php.

CVE-2014-5072(发布:2018-04-06 12:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2018-6874(发布:2018-04-04 13:29:01)NM
CVSS6.8

[原文]CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled.

CVE-2018-8814(发布:2018-04-04 11:29:00)NMP
CVSS5.8

[原文]Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.

CVE-2017-3965(发布:2018-04-04 09:29:00)NM
CVSS6.8

[原文]Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system information or manipulating the database via specially crafted URLs.

首页上一页12345678下一页尾页 第2页 / 共237页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站