映射到 CWE-352 的搜索结果 (1428)

CVE-2018-9927(发布:2018-04-10 02:29:00)NMP
CVSS6.8

[原文]An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a user account via index.php?m=member&f=index&v=add.

CVE-2018-9856(发布:2018-04-09 03:29:00)NM
CVSS6.8

[原文]Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request.

CVE-2014-5034(发布:2018-04-06 12:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection page to wp-admin/options-general.php.

CVE-2014-5072(发布:2018-04-06 12:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVE-2018-6874(发布:2018-04-04 13:29:01)NM
CVSS6.8

[原文]CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled.

CVE-2018-8814(发布:2018-04-04 11:29:00)NMP
CVSS5.8

[原文]Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.

首页上一页12345678下一页尾页 第3页 / 共238页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站