Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-07-30 CVE-2020-18157 Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 6.1.3
Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php.
network
metinfo CWE-352
6.8
2021-07-30 CVE-2020-22761 Cross-Site Request Forgery (CSRF) vulnerability in Flatpress 1.1
Cross Site Request Forgery (CSRF) vulnerability in FlatPress 1.1 via the DeleteFile function in flat/admin.php.
network
flatpress CWE-352
6.8
2021-07-21 CVE-2021-32776 Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop
Combodo iTop is a web based IT Service Management tool.
network
combodo CWE-352
6.8
2021-07-21 CVE-2021-21407 Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop
Combodo iTop is an open source, web based IT Service Management tool.
network
combodo CWE-352
4.3
2021-07-21 CVE-2021-34619 Cross-Site Request Forgery (CSRF) vulnerability in Storeapps Woocommerce Stock Manager
The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file.
network
storeapps CWE-352
6.8
2021-07-20 CVE-2020-15660 Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Geckodriver
Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.
network
mozilla CWE-352
6.8
2021-07-20 CVE-2021-32774 Cross-Site Request Forgery (CSRF) vulnerability in Miraheze Datadump
DataDump is a MediaWiki extension that provides dumps of wikis.
network
miraheze CWE-352
5.8
2021-07-16 CVE-2020-4675 Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server 11.6
IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
4.3
2021-07-14 CVE-2020-18151 Cross-Site Request Forgery (CSRF) vulnerability in Thinkcmf 5.1.0
Cross Site Request Forgerly (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account.
network
thinkcmf CWE-352
4.3
2021-07-14 CVE-2020-27379 Cross-Site Request Forgery (CSRF) vulnerability in Bookingcore Booking Core 1.7.0
Cross Site Request Forgery (CSRF) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 .
4.3