Смотрите также связанные темы 19.08.2018 CVE-2008-3716 Cross-site request forgery (CSRF) vulnerability in Harmoni before 1.6.0 allows remote attackers to make administrative modifications via a (1) save or (2) delete action to an unspecified component.
22.09.2018 Яндекс плохо охраняет наши деньги В сервисе Яндекс.Деньги обнаружена CSRF-уязвимость, позволяющая злоумышленику с помощью специальной страницы определять логин от Яндекс-аккаунта и количество денег на Яндекс.Кошельке.
23.09.2018 Sagem Routers F@ST Remote CSRF Exploit (dhcp hostname attack) Цель: WSN Links Free 4.0.34P Воздействие: Межсайтовый скриптинг
25.09.2018 CVE-2008-4247 ftpd in OpenBSD 4.3, FreeBSD 7.0, and NetBSD 4.0 interprets long commands from an FTP client as multiple commands, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and execute arbitrary FTP commands via a long ftp:// URI that leverages an existing session from the FTP client implementation in a web browser.
03.11.2018 CVE-2008-3868 Cross-site request forgery (CSRF) vulnerability in Interact 2.4.1 allows remote attackers to create super administrator accounts as super administrators.
16.12.2018 CVE-2008-5622 Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allow remote attackers to conduct SQL injection attacks via unknown vectors related to the table parameter, a different vector than CVE-2008-5621.
09.01.2018 CVE-2009-0112 Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.asp in PollPro 3.0 allows remote attackers to create or modify accounts as administrators via the username, password, and name parameters.
16.01.2018 CVE-2009-0056 Cross-site request forgery (CSRF) vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to execute commands and modify appliance preferences as arbitrary users via a logout action.
04.02.2018 CVE-2008-6048 Multiple cross-site request forgery (CSRF) vulnerabilities in TangoCMS before 2.2.0 allow remote attackers to perform unauthorized actions as administrators via unspecified vectors.
13.04.2018 CVE-2009-1290 Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration interface in the Advanced Management Module (AMM) on the IBM BladeCenter, including the BladeCenter H with BPET36H 54, allow remote attackers to hijack the authentication of administrators, as demonstrated by a power-off request to the private/blade_power_action script.
|