Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-09-09 CVE-2020-19268 Cross-Site Request Forgery (CSRF) vulnerability in Dswjcms Project Dswjcms 1.6.4
A cross-site request forgery (CSRF) in index.php/Dswjcms/User/tfAdd of Dswjcms 1.6.4 allows authenticated attackers to arbitrarily add administrator users.
network
low complexity
dswjcms-project CWE-352
5.7
5.7
2021-09-09 CVE-2021-38721 Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.5.0
FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability
network
low complexity
thedaylightstudio CWE-352
6.5
6.5
2021-09-08 CVE-2021-23404 Cross-Site Request Forgery (CSRF) vulnerability in Sqlite-Web Project Sqlite-Web
This affects all versions of package sqlite-web.
network
low complexity
sqlite-web-project CWE-352
8.8
8.8
2021-09-07 CVE-2021-38705 Cross-Site Request Forgery (CSRF) vulnerability in Cliniccases 7.3.3
ClinicCases 7.3.3 is affected by Cross-Site Request Forgery (CSRF).
network
low complexity
cliniccases CWE-352
8.8
8.8
2021-09-07 CVE-2019-5318 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0.
network
low complexity
arubanetworks siemens CWE-352
6.5
6.5
2021-09-07 CVE-2021-37725 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15.
network
low complexity
arubanetworks siemens CWE-352
8.1
8.1
2021-09-01 CVE-2020-20343 Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0
WTCMS 1.0 contains a cross-site request forgery (CSRF) vulnerability in the index.php?g=admin&m=nav&a=add_post component that allows attackers to arbitrarily add articles in the administrator background.
network
low complexity
wtcms-project CWE-352
6.5
6.5
2021-08-31 CVE-2020-19047 Cross-Site Request Forgery (CSRF) vulnerability in Iwebshop 5.3
Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote atatckers to execute arbitrary code via malicious POST request to the component '/index.php?controller=system&action=admin_edit_act'.
network
low complexity
iwebshop CWE-352
8.8
8.8
2021-08-31 CVE-2021-21678 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Saml
Jenkins SAML Plugin 2.0.7 and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2021-08-31 CVE-2021-21679 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Azure AD
Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8