Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-13 | CVE-2017-20045 | Cross-Site Request Forgery (CSRF) vulnerability in Vendavo Pricepoint 4.6.0.0 A vulnerability was found in Navetti PricePoint 4.6.0.0. | 8.8 |
| 2022-06-13 | CVE-2022-27174 | Cross-Site Request Forgery (CSRF) vulnerability in Easy Blog Project Easy Blog Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page. | 4.3 |
| 2022-06-10 | CVE-2022-22479 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Spectrum Copy Data Management IBM Spectrum Copy Data Management 2.2.0.0through 2.2.15.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-06-10 | CVE-2021-44117 | Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.5.0 A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4. | 8.8 |
| 2022-06-09 | CVE-2017-20020 | Cross-Site Request Forgery (CSRF) vulnerability in Solar-Log products A vulnerability, which was classified as problematic, has been found in Solare Solar-Log 2.8.4-56/3.5.2-85. | 8.8 |
| 2022-06-09 | CVE-2022-30898 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.2 A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password. | 6.5 |
| 2022-06-09 | CVE-2019-25064 | Cross-Site Request Forgery (CSRF) vulnerability in Theaccessgroup Corehr Core Portal A vulnerability was found in CoreHR Core Portal up to 27.0.7. | 8.8 |
| 2022-06-08 | CVE-2022-1577 | Cross-Site Request Forgery (CSRF) vulnerability in Deliciousbrains Database Backup The Database Backup for WordPress plugin before 2.5.2 does not have CSRF check in place when updating the schedule backup settings, which could allow an attacker to make a logged in admin change them via a CSRF attack. | 5.4 |
| 2022-06-08 | CVE-2022-1695 | Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq WP Simple Adsense Insertion The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowing an attacker to trick a logged in user to manipulate ads and inject arbitrary javascript via submitting a form. | 4.3 |
| 2022-06-07 | CVE-2020-36534 | Cross-Site Request Forgery (CSRF) vulnerability in Easyiicms A vulnerability was found in easyii CMS. | 6.5 |