Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-11 | CVE-2022-34448 | Cross-Site Request Forgery (CSRF) vulnerability in Dell Powerpath Management Appliance PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains a Cross-site Request Forgery vulnerability. | 8.8 |
2023-02-10 | CVE-2022-3568 | Cross-Site Request Forgery (CSRF) vulnerability in Orangelab Imagemagick Engine The ImageMagick Engine plugin for WordPress is vulnerable to deserialization of untrusted input via the 'cli_path' parameter in versions up to, and including 1.7.5. | 8.8 |
2023-02-03 | CVE-2021-36443 | Cross-Site Request Forgery (CSRF) vulnerability in Txjia Imcat 5.4 Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification. | 8.8 |
2023-02-03 | CVE-2021-36444 | Cross-Site Request Forgery (CSRF) vulnerability in Txjia Imcat 5.4 Cross Site Request Forgery (CSRF) vulnerability in imcat 5.4 allows remote attackers to gain escalated privileges via flaws one time token generation on the add administrator page. | 8.8 |
2023-02-03 | CVE-2021-36569 | Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.4.13 Cross Site Request Forgery vulnerability in FUEL-CMS 1.4.13 allows remote attackers to run arbitrary code via post ID to /users/delete/2. | 8.8 |
2023-02-03 | CVE-2021-36570 | Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.4.13 Cross Site Request Forgery vulnerability in FUEL-CMS 1.4.13 allows remote attackers to run arbitrary code via post ID to /permissions/delete/2---. | 8.8 |
2023-02-03 | CVE-2022-47130 | Cross-Site Request Forgery (CSRF) vulnerability in Creativeitem Academy LMS A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page. | 4.3 |
2023-02-03 | CVE-2022-47132 | Cross-Site Request Forgery (CSRF) vulnerability in Creativeitem Academy LMS A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add Administrator users. | 8.8 |
2023-02-02 | CVE-2023-25015 | Cross-Site Request Forgery (CSRF) vulnerability in Clockwork web Project Clockwork web Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF. | 6.5 |
2023-02-01 | CVE-2023-23750 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! 4.0.0 through 4.2.6. | 6.3 |