映射到 CWE-352 的搜索结果 (1315)

CVE-2017-7969(发布:2017-09-25 21:29:03)NMS
CVSS6.8

[原文]A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version 1.0 for multiple state-changing requests. This type of attack requires some level of social engineering in order to get a legitimate user to click on or access a malicious link/site containing the CSRF attack.

CVE-2015-5182(发布:2017-09-25 17:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.

CVE-2015-7293(发布:2017-09-25 17:29:00)NM
CVSS6.8

[原文]Multiple cross-site request forgery (CSRF) vulnerabilities in Zope Management Interface 4.3.7 and earlier, and Plone before 5.x.

CVE-2015-0276(发布:2017-09-21 10:29:00)NMC
CVSS6.8

[CNNVD]Kallithea 跨站请求伪造漏洞--Kallithea是美国Software Freedom Conservancy组织下的一个项目,是一套免费的源码管理系统。该系统支持Mercurial和Git版本控制系统、托管代码、管理访问控制等。 Kallithea中存在跨站请求伪造漏洞。攻击者可利用该漏洞在受影响应用程序的...

CVE-2015-5395(发布:2017-09-20 14:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.

CVE-2015-5607(发布:2017-09-20 12:29:00)NM
CVSS6.8

[原文]Cross-site request forgery in the REST API in IPython 2 and 3.

首页上一页12345678下一页尾页 第3页 / 共220页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站