Total
6289 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-4515 | 1 Ibm | 1 Security Key Lifecycle Manager | 2024-09-16 | 6.5 Medium |
| IBM Security Key Lifecycle Manager 3.0 and 3.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 165137. | ||||
| CVE-2023-45108 | 1 Mailrelay | 1 Mailrelay | 2024-09-16 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Mailrelay plugin <= 2.1.1 versions. | ||||
| CVE-2023-45109 | 1 Myback.link | 1 Whitepage | 2024-09-16 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ZAKSTAN WhitePage plugin <= 1.1.5 versions. | ||||
| CVE-2008-5941 | 1 Modxcms | 1 Modxcms | 2024-09-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors. | ||||
| CVE-2018-20419 | 1 Douco | 1 Douphp | 2024-09-16 | N/A |
| DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an administrator account. | ||||
| CVE-2018-15193 | 1 Gogs | 1 Gogs | 2024-09-16 | N/A |
| A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link. | ||||
| CVE-2022-38079 | 1 Backup Scheduler Project | 1 Backup Scheduler | 2024-09-16 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability Backup Scheduler plugin <= 1.5.13 at WordPress. | ||||
| CVE-2019-12624 | 1 Cisco | 19 5760 Wireless Lan Controller, Catalyst 3650-12x48uq, Catalyst 3650-12x48ur and 16 more | 2024-09-16 | N/A |
| A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on an affected device by using a web browser and with the privileges of the user. | ||||
| CVE-2013-3395 | 1 Cisco | 3 Content Security Management Appliance, Email Security Appliance Firmware, Web Security Appliance | 2024-09-16 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework on Cisco IronPort Web Security Appliance (WSA) devices, Email Security Appliance (ESA) devices, and Content Security Management Appliance (SMA) devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuh70263, CSCuh70323, and CSCuh26634. | ||||
| CVE-2021-20403 | 1 Ibm | 1 Security Verify Information Queue | 2024-09-16 | 8.8 High |
| IBM Security Verify Information Queue 1.0.6 and 1.0.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | ||||
| CVE-2017-15731 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-09-16 | N/A |
| In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php. | ||||
| CVE-2017-8138 | 1 Huawei | 1 Hedex Lite | 2024-09-16 | N/A |
| HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website containing malicious scripts which may tamper with configurations and interrupt normal services. | ||||
| CVE-2022-41634 | 1 Maxfoundry | 1 Media Library Folders | 2024-09-16 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Media Library Folders plugin <= 7.1.1 on WordPress. | ||||
| CVE-2018-1927 | 1 Ibm | 1 Storediq | 2024-09-16 | N/A |
| IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 153118. | ||||
| CVE-2022-40632 | 1 Gvectors | 1 Wpforo Forum | 2024-09-16 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team wpForo Forum plugin <= 2.0.5 on WordPress leading to topic deletion. | ||||
| CVE-2022-36404 | 1 Coleds | 1 Simple Seo | 2024-09-16 | 5.4 Medium |
| Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO (WordPress plugin) plugin <= 1.8.12 versions. | ||||
| CVE-2023-45267 | 1 Sharkdropship | 1 Irivyou | 2024-09-16 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Zizou1988 IRivYou plugin <= 2.2.1 versions. | ||||
| CVE-2023-45268 | 1 Hitsteps | 1 Hitsteps Web Analytics | 2024-09-16 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Hitsteps Hitsteps Web Analytics plugin <= 5.86 versions. | ||||
| CVE-2018-17986 | 1 Razorcms | 1 Razorcms | 2024-09-16 | N/A |
| rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user. | ||||
| CVE-2018-10132 | 1 Pbootcms | 1 Pbootcms | 2024-09-16 | N/A |
| PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter. | ||||