Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-09-13 CVE-2020-20671 Cross-Site Request Forgery (CSRF) vulnerability in Kitesky Kitecms 1.1
A cross-site request forgery (CSRF) in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account.
network
low complexity
kitesky CWE-352
8.8
2021-09-13 CVE-2021-24491 Cross-Site Request Forgery (CSRF) vulnerability in Fileviewer Project Fileviewer 2.2
The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files.
network
low complexity
fileviewer-project CWE-352
8.8
2021-09-09 CVE-2020-19280 Cross-Site Request Forgery (CSRF) vulnerability in Jeesns 1.4.2
Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations.
network
low complexity
jeesns CWE-352
8.8
2021-09-09 CVE-2020-19263 Cross-Site Request Forgery (CSRF) vulnerability in Mipcms 5.0.1
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit.
network
low complexity
mipcms CWE-352
8.8
2021-09-09 CVE-2020-19264 Cross-Site Request Forgery (CSRF) vulnerability in Mipcms 5.0.1
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd.
network
low complexity
mipcms CWE-352
6.5
2021-09-09 CVE-2020-19268 Cross-Site Request Forgery (CSRF) vulnerability in Dswjcms Project Dswjcms 1.6.4
A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.
network
low complexity
dswjcms-project CWE-352
5.7
2021-09-09 CVE-2021-38721 Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.5.0
FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability
network
low complexity
thedaylightstudio CWE-352
6.5
2021-09-08 CVE-2021-23404 Cross-Site Request Forgery (CSRF) vulnerability in Sqlite-Web Project Sqlite-Web
This affects all versions of package sqlite-web.
network
low complexity
sqlite-web-project CWE-352
8.8
2021-09-07 CVE-2021-38705 Cross-Site Request Forgery (CSRF) vulnerability in Cliniccases 7.3.3
ClinicCases 7.3.3 is affected by Cross-Site Request Forgery (CSRF).
network
low complexity
cliniccases CWE-352
8.8
2021-09-07 CVE-2019-5318 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0.
network
low complexity
arubanetworks siemens CWE-352
6.5