Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-29 | CVE-2021-40173 | Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Cloud Security Plus 4.0/4.1 Zoho ManageEngine Cloud Security Plus before Build 4117 allows a CSRF attack on the server proxy settings. | 8.8 |
| 2021-08-29 | CVE-2021-40174 | Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Log360 5.0/5.1/5.2 Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings. | 8.8 |
| 2021-08-25 | CVE-2021-28070 | Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1 Cross Site Request Forgery (CSRF) vulnerability exist in PopojiCMS 2.0.1 in po-admin/route.php?mod=user&act=multidelete. | 4.3 |
| 2021-08-24 | CVE-2020-18917 | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 5.7 The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control. | 8.8 |
| 2021-08-24 | CVE-2021-23431 | Cross-Site Request Forgery (CSRF) vulnerability in Joplinapp Joplin The package joplin before 2.3.2 are vulnerable to Cross-site Request Forgery (CSRF) due to missing CSRF checks in various forms. | 8.8 |
| 2021-08-23 | CVE-2021-3728 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 6.5 |
| 2021-08-23 | CVE-2021-3729 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
| 2021-08-23 | CVE-2021-3730 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 6.5 |
| 2021-08-23 | CVE-2021-39243 | Cross-Site Request Forgery (CSRF) vulnerability in Altus products Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. | 6.5 |
| 2021-08-20 | CVE-2020-24130 | Cross-Site Request Forgery (CSRF) vulnerability in Ponzu-Cms Ponzu 0.11.0 A cross site request forgery (CSRF) vulnerability in the configure.html component of Ponzu 0.11.0 allows attackers to change user and administrator credentials, and add or delete administrator accounts. | 8.1 |