• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2020-13155

February 26, 2023 by

clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.

CVE-2020-13156

February 26, 2023 by

modulesusersadminadd_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI.

CVE-2020-13157

February 26, 2023 by

modulesusersadminedit.php in NukeViet 4.4 allows CSRF to change a user’s password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed.

CVE-2020-13186

February 26, 2023 by

An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link.

CVE-2020-12841

February 26, 2023 by

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php

CVE-2020-12840

February 26, 2023 by

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 162
  • Go to page 163
  • Go to page 164
  • Go to page 165
  • Go to page 166
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE