Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-10 | CVE-2021-46147 | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. | 8.8 |
| 2022-01-10 | CVE-2021-34086 | Cross-Site Request Forgery (CSRF) vulnerability in Ultimaker products In Ultimaker S3 3D printer, Ultimaker S5 3D printer, Ultimaker 3 3D printer S-line through 6.3 and Ultimaker 3 through 5.2.16, the local webserver hosts APIs vulnerable to CSRF. | 8.8 |
| 2021-12-30 | CVE-2021-20165 | Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-827Dru Firmware 2.08B01 Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. | 8.8 |
| 2021-12-30 | CVE-2020-29292 | Cross-Site Request Forgery (CSRF) vulnerability in Iball Wrd12En Firmware 1.0.0 iBall WRD12EN 1.0.0 devices allow cross-site request forgery (CSRF) attacks as demonstrated by enabling DNS settings or modifying the range for IP addresses. | 6.5 |
| 2021-12-27 | CVE-2020-21236 | Cross-Site Request Forgery (CSRF) vulnerability in Damicms 6.0.0 A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to compromise and impersonate user accounts via obtaining a user's session cookie. | 8.8 |
| 2021-12-27 | CVE-2020-20943 | Cross-Site Request Forgery (CSRF) vulnerability in Qibosoft 7.0 A Cross-Site Request Forgery (CSRF) in /member/post.php?job=postnew&step=post of Qibosoft v7 allows attackers to force victim users into arbitrarily publishing new articles via a crafted URL. | 4.3 |
| 2021-12-27 | CVE-2020-20945 | Cross-Site Request Forgery (CSRF) vulnerability in Qibosoft 7.0 A Cross-Site Request Forgery (CSRF) in /admin/index.php?lfj=member&action=editmember of Qibosoft v7 allows attackers to arbitrarily add administrator accounts. | 8.8 |
| 2021-12-22 | CVE-2020-20593 | Cross-Site Request Forgery (CSRF) vulnerability in Rockoa 1.9.8 A cross-site request forgery (CSRF) in Rockoa v1.9.8 allows an authenticated attacker to arbitrarily add an administrator account. | 8.0 |
| 2021-12-22 | CVE-2020-20595 | Cross-Site Request Forgery (CSRF) vulnerability in Opms Project Opms 1.3 A cross-site request forgery (CSRF) in OPMS v1.3 and below allows attackers to arbitrarily add a user account via /user/add. | 6.5 |
| 2021-12-22 | CVE-2021-36886 | Cross-Site Request Forgery (CSRF) vulnerability in Ciphercoin Contact Form 7 Database Addon Cross-Site Request Forgery (CSRF) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.5.9). | 8.8 |