Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-30 | CVE-2020-18157 | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 6.1.3 Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php. | 6.8 |
| 2021-07-30 | CVE-2020-22761 | Cross-Site Request Forgery (CSRF) vulnerability in Flatpress 1.1 Cross Site Request Forgery (CSRF) vulnerability in FlatPress 1.1 via the DeleteFile function in flat/admin.php. | 6.8 |
| 2021-07-21 | CVE-2021-32776 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 6.8 |
| 2021-07-21 | CVE-2021-21407 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop is an open source, web based IT Service Management tool. | 4.3 |
| 2021-07-21 | CVE-2021-34619 | Cross-Site Request Forgery (CSRF) vulnerability in Storeapps Woocommerce Stock Manager The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file. | 6.8 |
| 2021-07-20 | CVE-2020-15660 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Geckodriver Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution. | 6.8 |
| 2021-07-20 | CVE-2021-32774 | Cross-Site Request Forgery (CSRF) vulnerability in Miraheze Datadump DataDump is a MediaWiki extension that provides dumps of wikis. | 5.8 |
| 2021-07-16 | CVE-2020-4675 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server 11.6 IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2021-07-14 | CVE-2020-18151 | Cross-Site Request Forgery (CSRF) vulnerability in Thinkcmf 5.1.0 Cross Site Request Forgerly (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account. | 4.3 |
| 2021-07-14 | CVE-2020-27379 | Cross-Site Request Forgery (CSRF) vulnerability in Bookingcore Booking Core 1.7.0 Cross Site Request Forgery (CSRF) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 . | 4.3 |