Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
csrf vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-47712
Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
5.8
CVSSv2
CVE-2012-4842
Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x up to and including 8.5.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 8.5.1
Ibm Lotus Domino 8.5.2.4
Ibm Lotus Domino 8.5.3.0
Ibm Lotus Domino 8.5.1.3
Ibm Lotus Domino 8.5.0
Ibm Lotus Domino 8.5.2.2
Ibm Lotus Domino 8.5.2.1
Ibm Lotus Domino 8.5.0.1
Ibm Lotus Domino 8.5.1.5
Ibm Lotus Domino 8.5.2.0
Ibm Lotus Domino 8.5.2.3
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.1.4
4.3
CVSSv2
CVE-2012-4844
Cross-site scripting (XSS) vulnerability in the web server in IBM Lotus Domino 8.5.x up to and including 8.5.3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Lotus Domino 8.5.1.4
Ibm Lotus Domino 8.5.0
Ibm Lotus Domino 8.5.1.3
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 8.5.2.2
Ibm Lotus Domino 8.5.2.4
Ibm Lotus Domino 8.5.0.1
Ibm Lotus Domino 8.5.1.5
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.2.3
Ibm Lotus Domino 8.5.1
Ibm Lotus Domino 8.5.2.1
Ibm Lotus Domino 8.5.3.0
Ibm Lotus Domino 8.5.2.0
4.3
CVSSv2
CVE-2014-7956
Cross-site scripting (XSS) vulnerability in the Pods plugin prior to 2.5 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the id parameter in an edit action in the pods page to wp-admin/admin.php.
Podsfoundation Pods
6.8
CVSSv2
CVE-2014-9341
Multiple cross-site request forgery (CSRF) vulnerabilities in the yURL ReTwitt plugin 1.4 and previous versions for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) yurl_...
Yurl Retwitt Project Yurl Retwitt 1.4
6
CVSSv2
CVE-2021-24085
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server 2019
Microsoft Exchange Server 2016
1 Github repository
6.8
CVSSv2
CVE-2015-7925
Cross-site request forgery (CSRF) vulnerability on eWON devices with firmware up to and including 10.1s0 allows remote malicious users to hijack the authentication of administrators for requests that trigger firmware upload, removal of configuration data, or a reboot.
Ewon Ewon Firmware
4.3
CVSSv2
CVE-2015-7927
Cross-site scripting (XSS) vulnerability on eWON devices with firmware up to and including 10.1s0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ewon Ewon Firmware
5
CVSSv2
CVE-2015-7928
eWON devices with firmware prior to 10.1s0 do not have an off autocomplete attribute for a password field, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Ewon Ewon Firmware
6.8
CVSSv2
CVE-2015-2755
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin prior to 4.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) l...
Ab Google Map Travel Project Ab Google Map Travel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »