映射到 CWE-352 的搜索结果 (1324)

CVE-2015-0276(发布:2017-09-21 10:29:00)NMC
CVSS6.8

[CNNVD]Kallithea 跨站请求伪造漏洞--Kallithea是美国Software Freedom Conservancy组织下的一个项目,是一套免费的源码管理系统。该系统支持Mercurial和Git版本控制系统、托管代码、管理访问控制等。 Kallithea中存在跨站请求伪造漏洞。攻击者可利用该漏洞在受影响应用程序的...

CVE-2015-5395(发布:2017-09-20 14:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.

CVE-2015-5607(发布:2017-09-20 12:29:00)NM
CVSS6.8

[原文]Cross-site request forgery in the REST API in IPython 2 and 3.

CVE-2015-4089(发布:2017-09-19 11:29:00)NM
CVSS6.8

[原文]Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in admin.php in WP Fastest Cache plugin before 0.8.3.5 for WordPress allow remote attackers to hijack the authentication of unspecified victims for requests that call the (1) saveOption, (2) deleteCache, (3) deleteCssAndJsCache, or (4) addCacheTimeout method via the wpFastestCachePage parameter in the WpFastestCacheOptions/ page.

CVE-2014-6106(发布:2017-09-18 11:29:00)NMS
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors.

CVE-2016-8737(发布:2017-09-13 12:29:00)NM
CVSS6.8

[原文]In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user. There is known to be a proof-of-concept exploit using this vulnerability.

首页上一页345678910下一页尾页 第5页 / 共221页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站