映射到 CWE-352 的搜索结果 (1180)

CVE-2016-4928(发布:2017-03-20 16:59:00)NM
CVSS6.8

[原文]Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space.

CVE-2015-8814(发布:2017-03-03 11:59:00)NM
CVSS6.8

[原文]Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file.

CVE-2016-4315(发布:2017-02-16 21:59:12)NMP
CVSS3.5

[原文]Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp.

CVE-2016-4311(发布:2017-02-16 21:59:11)NMP
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 allows remote attackers to hijack the authentication of privileged users for requests that process XACML requests via an entitlement/eval-policy-submit.jsp request.

CVE-2016-2539(发布:2017-02-07 10:59:00)NMS
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in install_modules.php in ATutor before 2.2.2 allows remote attackers to hijack the authentication of users for requests that upload arbitrary files and execute arbitrary PHP code via vectors involving a crafted zip file.

CVE-2016-3029(发布:2017-02-01 15:59:00)NMS
CVSS6.8

[原文]IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

首页上一页4567891011下一页尾页 第6页 / 共197页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站