Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-25 | CVE-2021-31762 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature. | 8.8 |
| 2021-04-25 | CVE-2021-31760 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature. | 8.8 |
| 2021-04-23 | CVE-2021-31584 | Cross-Site Request Forgery (CSRF) vulnerability in Sipwise Next Generation Communication Platform 3.6.4 Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges. | 8.8 |
| 2021-04-21 | CVE-2021-21644 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Config File Provider A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID. | 5.4 |
| 2021-04-14 | CVE-2021-27181 | Cross-Site Request Forgery (CSRF) vulnerability in Altn Mdaemon An issue was discovered in MDaemon before 20.0.4. | 8.8 |
| 2021-04-14 | CVE-2021-31152 | Cross-Site Request Forgery (CSRF) vulnerability in Multilaser Ac1200 Re018 Firmware V02.03.01.45Pt Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. | 8.8 |
| 2021-04-13 | CVE-2021-21731 | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Zxcloud Irai Firmware A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. | 8.1 |
| 2021-04-13 | CVE-2021-29054 | Cross-Site Request Forgery (CSRF) vulnerability in Papoo 21.02/6.0.1 Certain Papoo products are affected by: Cross Site Request Forgery (CSRF) in the admin interface. | 8.8 |
| 2021-04-12 | CVE-2021-24230 | Cross-Site Request Forgery (CSRF) vulnerability in Patreon Wordpress The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user metadata on the victim’s account once visited. | 8.1 |
| 2021-04-09 | CVE-2021-25326 | Cross-Site Request Forgery (CSRF) vulnerability in Skyworthdigital Rn510 Firmware 3.1.0.4 Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. | 5.4 |