Total
6248 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-15732 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-09-17 | N/A |
| In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php. | ||||
| CVE-2018-11371 | 1 Skycaiji | 1 Skycaiji | 2024-09-17 | N/A |
| SkyCaiji 1.2 allows CSRF to add an Administrator user. | ||||
| CVE-2017-15733 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-09-17 | N/A |
| In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php. | ||||
| CVE-2014-8523 | 1 Mcafee | 1 Network Data Loss Prevention | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-3513 | 1 Gwos | 1 Groundwork Monitor | 2024-09-17 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) store XSS sequences or (2) delete entries. | ||||
| CVE-2018-1622 | 1 Ibm | 1 Security Privileged Identity Manager | 2024-09-17 | N/A |
| IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144348. | ||||
| CVE-2022-29495 | 1 Sygnoos | 1 Popup Builder | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings. | ||||
| CVE-2018-19225 | 1 Laobancms | 1 Laobancms | 2024-09-17 | N/A |
| An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF. | ||||
| CVE-2016-9716 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-09-17 | N/A |
| IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119729. | ||||
| CVE-2013-0717 | 1 Nec | 6 Atermwm3450rn, Atermwm3600r, Atermwr8160n and 3 more | 2024-09-17 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the web-based management utility on the NEC AtermWR9500N, AtermWR8600N, AtermWR8370N, AtermWR8160N, AtermWM3600R, and AtermWM3450RN routers allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device. | ||||
| CVE-2013-3095 | 1 Dlink | 2 Dir865l, Dir865l Firmware | 2024-09-17 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi. | ||||
| CVE-2018-5301 | 1 Magento | 1 Magento | 2024-09-17 | N/A |
| Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433. | ||||
| CVE-2009-1518 | 1 Beltane | 1 Beltane | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Beltane before 2.3.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2005-1674 | 1 Helpcenterlive | 1 Help Center Live | 2024-09-17 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perform actions as the administrator via a link or IMG tag to view.php. | ||||
| CVE-2018-15197 | 1 Onethink | 1 Onethink | 2024-09-17 | N/A |
| An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/AuthManager/addToGroup.html that can endow administrator privileges. | ||||
| CVE-2014-3845 | 2 Tinymce, Wordpress | 2 Color Picker, Wordpress | 2024-09-17 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the TinyMCE Color Picker plugin before 1.2 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that change plugin settings via unknown vectors. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2014-3455 | 1 Mediawiki | 1 Mediawiki | 2024-09-17 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) CreateProperty, (2) CreateTemplate, (3) CreateForm, and (4) CreateClass special pages in the SemanticForms extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allow remote attackers to hijack the authentication of users for requests that have unspecified impact and vectors. | ||||
| CVE-2018-10248 | 1 Wuzhicms | 1 Wuzhi Cms | 2024-09-17 | N/A |
| An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can delete any article via index.php?m=content&f=content&v=recycle_delete. | ||||
| CVE-2022-27851 | 1 Dineshkarki | 1 Use Any Font | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker to deactivate the API key. | ||||
| CVE-2022-38704 | 1 Clogica | 1 Seo Redirection | 2024-09-17 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in SEO Redirection plugin <= 8.9 at WordPress, leading to deletion of 404 errors and redirection history. | ||||