Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-11 | CVE-2022-25615 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Eroom - Zoom Meetings & Webinar Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion. | 4.3 |
| 2022-04-11 | CVE-2021-32156 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. | 8.8 |
| 2022-04-11 | CVE-2021-32159 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature. | 8.8 |
| 2022-04-11 | CVE-2021-32162 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature. | 8.8 |
| 2022-04-08 | CVE-2022-26180 | Cross-Site Request Forgery (CSRF) vulnerability in Qdpm 9.2 qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI. | 8.8 |
| 2022-04-08 | CVE-2022-26588 | Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 31.0.0.Os A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI. | 6.5 |
| 2022-04-08 | CVE-2020-4668 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-04-06 | CVE-2022-20774 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. | 8.1 |
| 2022-03-30 | CVE-2021-44312 | Cross-Site Request Forgery (CSRF) vulnerability in Firmware Analysis and Comparison Tool Project Firmware Analysis and Comparison Tool 3.2 An issue was discovered in Firmware Analysis and Comparison Tool v3.2. | 8.8 |
| 2022-03-30 | CVE-2022-27432 | Cross-Site Request Forgery (CSRF) vulnerability in Pluck-Cms Pluck 4.7.15 A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover. | 8.8 |