Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-11 | CVE-2020-35722 | Cross-Site Request Forgery (CSRF) vulnerability in Quest Policy Authority for Unified Communications 8.1.2.200 CSRF in Web Compliance Manager in Quest Policy Authority 8.1.2.200 allows remote attackers to force user modification/creation via a specially crafted link to the submitUser.jsp file. | 6.5 |
| 2021-01-08 | CVE-2020-25950 | Cross-Site Request Forgery (CSRF) vulnerability in Totalonlinesolutions Advanced Webhost Billing System 3.7.0 Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery (CSRF) attacks that can delete a contact from the My Additional Contact page. | 4.3 |
| 2021-01-06 | CVE-2020-36174 | Cross-Site Request Forgery (CSRF) vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration. | 6.5 |
| 2021-01-05 | CVE-2020-7336 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Security Management 10.0/10.1.7.7/9.0 Cross Site Request Forgery vulnerability in McAfee Network Security Management (NSM) prior to 10.1.7.35 and NSM 9.x prior to 9.2.9.55 may allow an attacker to change the configuration of the Network Security Manager via a carefully crafted HTTP request. | 6.5 |
| 2021-01-04 | CVE-2020-4942 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management 7.0.11.0/7.0.9.0 IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-01-04 | CVE-2020-4917 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cloud PAK System IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2021-01-04 | CVE-2021-21495 | Cross-Site Request Forgery (CSRF) vulnerability in Mk-Auth 19.01 MK-AUTH through 19.01 K4.9 allows CSRF for password changes via the central/executar_central.php?acao=altsenha_princ URI. | 8.8 |
| 2021-01-01 | CVE-2020-35950 | Cross-Site Request Forgery (CSRF) vulnerability in Xcloner An issue was discovered in the XCloner Backup and Restore plugin before 4.2.153 for WordPress. | 8.8 |
| 2020-12-31 | CVE-2018-16795 | Cross-Site Request Forgery (CSRF) vulnerability in Open-Emr Openemr 5.0.1.3 OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/ajax and interface/super, as demonstrated by use of interface/super/manage_site_files.php to upload a .php file. | 8.8 |
| 2020-12-30 | CVE-2020-35778 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Gs716T Firmware and Gs724T Firmware Certain NETGEAR devices are affected by CSRF. | 8.8 |