Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-08 | CVE-2020-25262 | Cross-Site Request Forgery (CSRF) vulnerability in Pyrocms 3.7 PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI: pages will be deleted. | 4.3 |
| 2020-10-06 | CVE-2020-25986 | Cross-Site Request Forgery (CSRF) vulnerability in Monocms 1.0 A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user. | 6.5 |
| 2020-10-02 | CVE-2020-12123 | Cross-Site Request Forgery (CSRF) vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. | 8.1 |
| 2020-10-01 | CVE-2020-5786 | Cross-Site Request Forgery (CSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 8.8 |
| 2020-09-30 | CVE-2020-13658 | Cross-Site Request Forgery (CSRF) vulnerability in Lansweeper 8.0.130.17 In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application. | 8.0 |
| 2020-09-25 | CVE-2020-25142 | Cross-Site Request Forgery (CSRF) vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.5 |
| 2020-09-25 | CVE-2020-23837 | Cross-Site Request Forgery (CSRF) vulnerability in Multi User Project Multi User 1.8.2 A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL. | 8.8 |
| 2020-09-24 | CVE-2020-12841 | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php | 6.5 |
| 2020-09-24 | CVE-2020-12840 | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php | 6.5 |
| 2020-09-24 | CVE-2020-12282 | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. | 8.8 |