CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CSRF)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-2089 352 XSS CSRF 2015-02-26 2015-02-26
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the CrossSlide jQuery (crossslide-jquery-plugin-for-wordpress) plugin 2.0.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via the (2) csj_width, (3) csj_height, (4) csj_sleep, (5) csj_fade, or (6) upload_image parameter in the thisismyurl_csj.php page to wp-admin/options-general.php.
2 CVE-2015-2084 352 1 XSS CSRF 2015-02-25 2015-02-26
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in an edit action in the cnss_social_icon_add page to wp-admin/admin.php.
3 CVE-2015-2083 352 CSRF 2015-02-25 2015-02-26
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows remote attackers to hijack the authentication of administrators for requests that add a value to a profile field via a profilefields request to admin.php.
4 CVE-2015-2048 352 CSRF 2015-02-23 2015-02-24
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
5 CVE-2015-2039 352 XSS CSRF 2015-02-20 2015-02-23
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Acobot Live Chat & Contact Form plugin 2.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or (2) conduct cross-site scripting (XSS) attacks via the acobot_token parameter in the acobot page to wp-admin/options-general.php.
6 CVE-2015-1614 352 XSS CSRF 2015-02-19 2015-02-20
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Image Metadata Cruncher plugin for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) image_metadata_cruncher[alt] or (2) image_metadata_cruncher[caption] parameter in an update action in the image_metadata_cruncher_title page to wp-admin/options.php or (3) custom image meta tag to the image metadata cruncher page.
7 CVE-2015-1585 352 CSRF 2015-02-19 2015-02-20
6.8
None Remote Medium Not required Partial Partial Partial
Fat Free CRM before 0.13.6 allows remote attackers to conduct cross-site request forgery (CSRF) attacks via a request without the authenticity_token, as demonstrated by a crafted HTML page that creates a new administrator account.
8 CVE-2015-1581 352 XSS CSRF 2015-02-11 2015-02-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mobile Domain plugin 1.5.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via the (2) domain, (3) text, (4) font, (5) fontcolor, (6) color, or (7) padding parameter in an add-domain action in the mobile-domain page to wp-admin/options-general.php.
9 CVE-2015-1580 352 XSS CSRF 2015-02-11 2015-02-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Redirection Page plugin 1.2 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings or conduct cross-site scripting (XSS) attacks via the (2) source or (3) redir parameter in an add action in the redirection-page to wp-admin/options-general.php.
10 CVE-2015-1568 352 CSRF 2015-02-09 2015-02-09
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the GD Infinite Scroll module before 7.x-1.4 for Drupal allows remote attackers to hijack the authentication of users with the "edit gd infinite scroll settings" permission for requests that delete settings via unspecified vectors.
11 CVE-2015-1559 352 CSRF 2015-02-10 2015-02-11
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in administrator.php in Epignosis eFront Open Source Edition before 3.6.15.3 build 18022 allow remote attackers to hijack the authentication of administrators for requests that (1) delete modules via the delete_module parameter, (2) deactivate modules via the deactivate_module parameter, (3) activate modules via the activate_module parameter, (4) delete users via the delete_user parameter, (5) deactivate users via the deactivate_user parameter, (6) activate users via the activate_user parameter, (7) activate themes via the set_theme parameter, (8) deactivate themes via the set_theme parameter, (9) delete themes via the delete parameter, (10) deactivate events (user registration or email activation) via the deactivate_notification parameter, (11) activate events via the activate_notification parameter, (12) delete events via the delete_notification parameter, (13) deactivate language settings via the deactivate_language parameter, (14) activate language settings via the activate_language parameter, (15) delete language settings via the delete_language parameter, or (16) activate or deactivate the autologin feature for a user via a crafted maintenance request.
12 CVE-2015-1432 352 CSRF 2015-02-10 2015-02-11
6.8
None Remote Medium Not required Partial Partial Partial
The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors.
13 CVE-2015-1424 352 1 CSRF 2015-01-29 2015-01-30
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to hijack the authentication of administrators for requests that add an administrator user via a newuser request to admin/index.php.
14 CVE-2015-1374 352 Sql XSS CSRF 2015-01-27 2015-01-27
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in ferretCMS 1.0.4-alpha allow remote attackers to hijack the authentication of administrators for requests that conduct (1) cross-site scripting (XSS), (2) SQL injection, or (3) unrestricted file upload attacks.
15 CVE-2015-0920 352 XSS CSRF 2015-01-08 2015-01-08
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Banner Effect Header plugin 1.2.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the banner_effect_email parameter in the BannerEffectOptions page to wp-admin/options-general.php.
16 CVE-2015-0651 352 CSRF 2015-02-26 2015-02-27
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisco Application Networking Manager (ANM), and Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances, allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo99753.
17 CVE-2015-0596 352 CSRF 2015-02-01 2015-02-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj67163.
18 CVE-2015-0588 352 CSRF 2015-01-15 2015-01-27
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055.
19 CVE-2014-10027 352 CSRF 2015-01-13 2015-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 router with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that (1) change the MAC filter restrict mode, (2) add a MAC address to the filter, or (3) remove a MAC address from the filter via a crafted request to index.cgi.
20 CVE-2014-10025 352 CSRF 2015-01-13 2015-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DAP-1360 with firmware 2.5.4 and earlier allow remote attackers to hijack the authentication of unspecified users for requests that change the (1) Enable Wireless, (2) MBSSID, (3) BSSID, (4) Hide Access Point, (5) SSID, (6) Country, (7) Channel, (8) Wireless mode, or (9) Max Associated Clients setting via a crafted request to index.cgi.
21 CVE-2014-10019 352 1 CSRF 2015-01-13 2015-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in webconfig/wlan/country.html/country in the Teracom T2-B-Gawv1.4U10Y-BI modem allow remote attackers to hijack the authentication of administrators for requests that (1) change the SSID or (2) change the password via a crafted request.
22 CVE-2014-10014 352 XSS CSRF 2015-01-13 2015-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in PHPJabbers Event Booking Calendar 2.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change the username and password of the administrator via an update action to the AdminOptions controller or conduct cross-site scripting (XSS) attacks via the (2) event_title parameter in a create action to the AdminEvents controller or (3) category_title parameter in a create action to the AdminCategories controller.
23 CVE-2014-10008 352 CSRF 2015-01-13 2015-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Stark CRM 1.0 allow remote attackers to hijack the authentication of administrators for requests that add (1) an administrator via a crafted request to the admin page, (2) an agent via a crafted request to the agent page, (3) a sub-agent via a crafted request to the sub_agent page, (4) a partner via a crafted request to the partner page, or (5) a client via a crafted request to the client page.
24 CVE-2014-10006 352 XSS CSRF 2015-01-13 2015-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Maian Uploader 4.0 allow remote attackers to hijack the authentication of unspecified users for requests that conduct cross-site scripting (XSS) attacks via the width parameter to (1) uploader/admin/js/load_flv.js.php or (2) uploader/js/load_flv.js.php.
25 CVE-2014-100025 352 CSRF 2015-01-13 2015-01-29
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request.
26 CVE-2014-9587 352 CSRF 2015-01-15 2015-01-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to (1) address book operations or the (2) ACL or (3) Managesieve plugins.
27 CVE-2014-9525 352 XSS CSRF 2015-01-05 2015-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Timed Popup (wp-timed-popup) plugin 1.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or (2) conduct cross-site scripting (XSS) attacks via the sc_popup_subtitle parameter in the wp-popup.php page to wp-admin/options-general.php.
28 CVE-2014-9524 352 XSS CSRF 2015-01-05 2015-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Facebook Like Box (cardoza-facebook-like-box) plugin before 2.8.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site scripting (XSS) attacks via the (2) frm_title, (3) frm_url, (4) frm_border_color, (5) frm_width, or (6) frm_height parameter in the slug_for_fb_like_box page to wp-admin/admin.php.
29 CVE-2014-9523 352 XSS CSRF 2015-01-05 2015-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Our Team Showcase (our-team-enhanced) plugin before 1.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or (2) conduct cross-site scripting (XSS) attacks via the sc_our_team_member_count parameter in the sc_team_settings page to wp-admin/edit.php.
30 CVE-2014-9510 352 CSRF 2015-01-09 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import.
31 CVE-2014-9460 352 XSS CSRF 2015-01-02 2015-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the WP-ViperGB plugin before 1.3.11 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site scripting (XSS) attacks via the (2) vgb_page or (3) vgb_items_per_pg parameter in the wp-vipergb page to wp-admin/options-general.php.
32 CVE-2014-9459 352 CSRF 2015-01-02 2015-01-13
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the AdminObserver function in e107_admin/users.php in e107 2.0 alpha2 allows remote attackers to hijack the authentication of administrators for requests that add users to the administrator group via the id parameter in an admin action.
33 CVE-2014-9454 352 XSS CSRF 2015-01-02 2015-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Sticky Footer plugin before 1.3.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site scripting (XSS) attacks via the (2) simple_sf_width or (3) simple_sf_style parameter in the simple-simple-sticky-footer page to wp-admin/themes.php.
34 CVE-2014-9441 352 XSS CSRF 2015-01-02 2015-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Lightbox Photo Gallery plugin 1.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or conduct cross-site scripting (XSS) attacks via the (2) ll__opt[image2_url] or (3) ll__opt[image3_url] parameter in a ll_save_settings action to wp-admin/admin-ajax.php.
35 CVE-2014-9438 352 CSRF 2015-01-02 2015-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Moderator Control Panel in vBulletin 4.2.2 allows remote attackers to hijack the authentication of administrators for requests that (1) ban a user via the username parameter in a dobanuser action to modcp/banning.php or (2) unban a user, (3) modify user profiles, edit a (4) post or (5) topic, or approve a (6) post or (7) topic via unspecified vectors.
36 CVE-2014-9437 352 XSS CSRF 2015-01-02 2015-01-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Sliding Social Icons plugin 1.61 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) change plugin settings via unspecified vectors or (2) conduct cross-site scripting (XSS) attacks via the sc_social_slider_margin parameter in a wpbs_save_settings action in the wpbs_panel page to wp-admin/admin.php.
37 CVE-2014-9431 352 CSRF 2014-12-31 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Smoothwall Express 3.1 and 3.0 SP3 allow remote attackers to hijack the authentication of administrators for requests that change the (1) admin or (2) dial password via a request to httpd/cgi-bin/changepw.cgi.
38 CVE-2014-9414 352 CSRF 2014-12-24 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
The W3 Total Cache plugin before 0.9.4.1 for WordPress does not properly handle empty nonces, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks and hijack the authentication of administrators for requests that change the mobile site redirect URI via the mobile_groups[*][redirect] parameter and an empty _wpnonce parameter in the w3tc_mobile page to wp-admin/admin.php.
39 CVE-2014-9413 352 XSS CSRF 2014-12-24 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the IP Ban (simple-ip-ban) plugin 1.2.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ip_list, (2) user_agent_list, or (3) redirect_url parameter in the simple-ip-ban page to wp-admin/options-general.php.
40 CVE-2014-9407 352 CSRF 2014-12-19 2014-12-19
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) delete data via a request to agency-delete.php, (2) tracker-delete.php, or (3) userlog-delete.php in admin/ or (4) unlink accounts via a request to admin-user-unlink.php. (5) advertiser-user-unlink.php, or (6) affiliate-user-unlink.php in admin/.
41 CVE-2014-9401 352 XSS CSRF 2014-12-31 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the WP Limit Posts Automatically plugin 0.7 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the lpa_post_letters parameter in the wp-limit-posts-automatically.php page to wp-admin/options-general.php.
42 CVE-2014-9400 352 XSS CSRF 2014-12-31 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Wp Unique Article Header Image plugin 1.0 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) gt_default_header or (2) gt_homepage_header parameter in the wp-unique-header.php page to wp-admin/options-general.php.
43 CVE-2014-9399 352 XSS CSRF 2014-12-31 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the TweetScribe plugin 1.1 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the tweetscribe_username parameter in a save action in the tweetscribe.php page to wp-admin/options-general.php.
44 CVE-2014-9398 352 XSS CSRF 2014-12-31 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Twitter LiveBlog plugin 1.1.2 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the mashtlb_twitter_username parameter in the twitter-liveblog.php page to wp-admin/options-general.php.
45 CVE-2014-9397 352 XSS CSRF 2014-12-31 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the twimp-wp plugin for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the message_format parameter in the twimp-wp.php page to wp-admin/options-general.php.
46 CVE-2014-9396 352 XSS CSRF 2014-12-31 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the SimpleFlickr plugin 3.0.3 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simpleflickr_width, (2) simpleflickr_bgcolor, or (3) simpleflickr_xmldatapath parameter in the simpleFlickr.php page to wp-admin/options-general.php.
47 CVE-2014-9395 352 XSS CSRF 2014-12-31 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simplelife plugin 1.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) simplehoverback, (2) simplehovertext, (3) flickrback, or (4) simple_flimit parameter in the simplelife.php page to wp-admin/options-general.php.
48 CVE-2014-9394 352 XSS CSRF 2014-12-31 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the PWGRandom plugin 1.11 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) pwgrandom_title or (2) pwgrandom_category parameter in the pwgrandom page to wp-admin/options-general.php.
49 CVE-2014-9393 352 XSS CSRF 2014-12-31 2015-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Post to Twitter plugin 0.7 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) idptt_twitter_username or (2) idptt_tweet_prefix parameter to wp-admin/options-general.php.
50 CVE-2014-9392 352 XSS CSRF 2014-12-31 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the PictoBrowser (pictobrowser-gallery) plugin 0.3.1 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the pictoBrowserFlickrUser parameter in the options-page.php page to wp-admin/options-general.php.
Total number of vulnerabilities : 1059   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.