Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-18346

EPSS 1.11% · P78
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-18346

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A CSRF issue was discovered in DAViCal through 1.1.8. If an authenticated user visits an attacker-controlled webpage, the attacker can send arbitrary requests in the name of the user to the application. If the attacked user is an administrator, the attacker could for example add a new admin user.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
DAViCal 跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
DAViCal是一款日历共享服务器,是CalDAV协议的实现。 DAViCal 1.1.8及之前版本中存在跨站请求伪造漏洞。远程攻击者可通过诱使用户访问恶意网站利用该漏洞修改e?mail地址和密码,完全控制账户,并创建新的管理员账户。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2019-18346

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2019-18346

登录查看更多情报信息。

Same Patch Batch · n/a · 2019-12-04 · 26 CVEs total

CVE-2019-19229Fronius Solar Inverter 路径遍历漏洞
CVE-2019-18850TrevorC2 信息泄露漏洞
CVE-2019-14909Red Hat Keycloak 授权问题漏洞
CVE-2019-15638COPA-DATA zenone32 zenon Editor 代码问题漏洞
CVE-2019-19555Xfig fig2dev 缓冲区错误漏洞
CVE-2018-0728Helpdesk 访问控制错误漏洞
CVE-2018-0729QNAP Systems QNAP Music Station 注入漏洞
CVE-2018-0730QNAP Systems QNAP QTS File Station 注入漏洞
CVE-2019-7201QNAP Systems QNAP NetBak Replicator 代码问题漏洞
CVE-2019-7197QNAP Systems QNAP QTS 跨站脚本漏洞
CVE-2019-18347DAViCal 跨站脚本漏洞
CVE-2019-19576verot.net class.upload 代码问题漏洞
CVE-2019-19364Sony Catalyst Production Suite和Catalyst Browse 代码问题漏洞
CVE-2019-19587WSO2 Enterprise Integrator 跨站脚本漏洞
CVE-2019-19228Fronius Solar Inverter 安全漏洞
CVE-2019-19133WordPress CSS Hero 跨站脚本漏洞
CVE-2019-16753Decentralized Anonymous Payment System 数据伪造问题漏洞
CVE-2019-16752Decentralized Anonymous Payment System 跨站请求伪造漏洞
CVE-2019-11216BMC Smart Reporting 代码问题漏洞
CVE-2019-19579Xen 输入验证错误漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2019-18346

No comments yet

Leave a comment