Armorlogic » Profense Web Application Firewall » 2.6.3 : Security Vulnerabilities, CVEs, (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in ajax.html in Profense Web Application Firewall 2.6.2 and 2.6.3 allow remote attackers to hijack the authentication of administrators for requests that (1) shutdown the server, (2) send ping packets, (3) enable network services, (4) configure a proxy server, and (5) modify other settings via parameters in the query string.
Max CVSS
6.8
EPSS Score
0.30%
Published
2009-02-10
Updated
2017-09-29
1 vulnerabilities found