Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2020-22403 | Cross-Site Request Forgery (CSRF) vulnerability in Express-Cart Project Express-Cart Cross Site Request Forgery (CSRF) vulnerability in Express cart v1.1.16 allows attackers to add an administrator account, add discount code or other unspecified impacts. | 8.8 |
| 2021-08-12 | CVE-2020-18458 | Cross-Site Request Forgery (CSRF) vulnerability in Damicms 6.0.6 Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0.6 that can add an admin account via admin.php?s=/Admin/doadd. | 8.0 |
| 2021-08-12 | CVE-2020-18460 | Cross-Site Request Forgery (CSRF) vulnerability in 711Cms 1.0.7 Cross Site Request Forgery (CSRF) vulnerability exists in 711cms v1.0.7 that can add an admin account via admin.php?c=Admin&m=content. | 8.8 |
| 2021-08-12 | CVE-2020-18463 | Cross-Site Request Forgery (CSRF) vulnerability in Aikcms 2.0 Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let a malicious user delete a video message. | 2.4 |
| 2021-08-12 | CVE-2020-18464 | Cross-Site Request Forgery (CSRF) vulnerability in Aikcms 2.0 Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let a malicious user delete movie information. | 3.5 |
| 2021-08-12 | CVE-2020-18454 | Cross-Site Request Forgery (CSRF) vulnerability in Bycms Project Bycms 1.3.0 Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/70/group_id/1.html. | 6.8 |
| 2021-08-12 | CVE-2020-18457 | Cross-Site Request Forgery (CSRF) vulnerability in Bycms Project Bycms 1.3.0 Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html. | 6.8 |
| 2021-08-11 | CVE-2020-25562 | Cross-Site Request Forgery (CSRF) vulnerability in Sapphireims 5.0 In SapphireIMS 5.0, there is no CSRF token present in the entire application. | 6.5 |
| 2021-08-11 | CVE-2021-32122 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear products Certain NETGEAR devices are affected by CSRF. | 8.0 |
| 2021-08-10 | CVE-2021-29400 | Cross-Site Request Forgery (CSRF) vulnerability in Netexplorer MY Smtp Contact 1.1.1 A cross-site request forgery (CSRF) vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site. | 6.5 |