CVE

Id
37903  
CVE No.
CVE-2009-0468  
Status
Candidate  
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a proxy server, and (5) modify other settings via parameters in the query string.  
Phase
Assigned (20090205)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
411653 37903 CVE-2009-0468 MILW0RM:7919  View
411654 37903 CVE-2009-0468 URL:http://www.milw0rm.com/exploits/7919  View
411655 37903 CVE-2009-0468 BID:33523  View
411656 37903 CVE-2009-0468 URL:http://www.securityfocus.com/bid/33523  View
411657 37903 CVE-2009-0468 OSVDB:51660  View
411658 37903 CVE-2009-0468 URL:http://osvdb.org/51660  View
411659 37903 CVE-2009-0468 SECUNIA:33739  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
40045 JVNDB-2009-001051 Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge にクロスサイトスクリプティングの脆弱性 Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge のウェブインターフェース管理画面にはクロスサイトスクリプティングの脆弱性が存在します。 CVE-2009-0472 37903 4.3 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-001051.html  View