Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-05-07 CVE-2021-32096 Cross-Site Request Forgery (CSRF) vulnerability in NSA Emissary 5.9.0
The ConsoleAction component of U.S.
network
low complexity
nsa CWE-352
8.8
8.8
2021-05-06 CVE-2020-23264 Cross-Site Request Forgery (CSRF) vulnerability in Fork-Cms Fork CMS
Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.
network
low complexity
fork-cms CWE-352
8.8
8.8
2021-05-06 CVE-2020-18889 Cross-Site Request Forgery (CSRF) vulnerability in Puppycms 5.1
Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php.
network
low complexity
puppycms CWE-352
6.5
6.5
2021-05-06 CVE-2020-23127 Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.10
Chamilo LMS 1.11.10 is affected by Cross Site Request Forgery (CSRF) via the edit_user function by targeting an admin user.
network
low complexity
chamilo CWE-352
8.8
8.8
2021-05-05 CVE-2020-36334 Cross-Site Request Forgery (CSRF) vulnerability in Themegrill Demo Importer
themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database.
network
low complexity
themegrill CWE-352
8.8
8.8
2021-05-03 CVE-2021-29238 Cross-Site Request Forgery (CSRF) vulnerability in Codesys Automation Server
CODESYS Automation Server before 1.16.0 allows cross-site request forgery (CSRF).
network
low complexity
codesys CWE-352
8.8
8.8
2021-04-29 CVE-2021-30224 Cross-Site Request Forgery (CSRF) vulnerability in Rukovoditel 2.8.3
Cross Site Request Forgery (CSRF) in Rukovoditel v2.8.3 allows attackers to create an admin user with an arbitrary credentials.
network
low complexity
rukovoditel CWE-352
8.8
8.8
2021-04-27 CVE-2020-21989 Cross-Site Request Forgery (CSRF) vulnerability in Homeautomation Project Homeautomation 3.3.2
HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF).
network
low complexity
homeautomation-project CWE-352
8.8
8.8
2021-04-25 CVE-2021-31762 Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to create a privileged user through Webmin's add users feature, and then get a reverse shell through Webmin's running process feature.
network
low complexity
webmin CWE-352
8.8
8.8
2021-04-25 CVE-2021-31760 Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973
Webmin 1.973 is affected by Cross Site Request Forgery (CSRF) to achieve Remote Command Execution (RCE) through Webmin's running process feature.
network
low complexity
webmin CWE-352
8.8
8.8