映射到 CWE-352 的搜索结果 (1315)

CVE-2015-4089(发布:2017-09-19 11:29:00)NM
CVSS6.8

[原文]Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in admin.php in WP Fastest Cache plugin before 0.8.3.5 for WordPress allow remote attackers to hijack the authentication of unspecified victims for requests that call the (1) saveOption, (2) deleteCache, (3) deleteCssAndJsCache, or (4) addCacheTimeout method via the wpFastestCachePage parameter in the WpFastestCacheOptions/ page.

CVE-2014-6106(发布:2017-09-18 11:29:00)NMS
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors.

CVE-2016-8737(发布:2017-09-13 12:29:00)NM
CVSS6.8

[原文]In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user. There is known to be a proof-of-concept exploit using this vulnerability.

CVE-2014-9565(发布:2017-09-07 16:29:00)NMCS
CVSS6.8

[CNNVD]IBM Flex System EN6131 40Gb Ethernet和IB6131 40Gb Infiniband Switches 跨站请求伪造漏洞--IBM Flex System EN6131 40Gb Ethernet和IB6131 40Gb Infiniband Switches都是美国IBM公司的产品。前者是一款以太网适配器产品;后者是一款交换机产品。 使用3.4.0000及之前版本固件的IBM Flex System...

CVE-2015-4619(发布:2017-09-07 16:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75.

CVE-2015-4697(发布:2017-09-07 16:29:00)NMCS
CVSS6.8

[CNNVD]WordPress Google Analyticator插件跨站请求伪造漏洞--WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Google Analyticator是其中的一个Google分析插件。 WordPress Google Analyticator插件中...

首页上一页23456789下一页尾页 第4页 / 共220页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站