Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-17 | CVE-2021-32403 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras RF 301K Firmware 1.1.2 Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of security mechanisms for token protection and unsafe inputs and modules. | 8.8 |
| 2021-05-15 | CVE-2021-32073 | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 5.7 DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution. | 8.8 |
| 2021-05-11 | CVE-2020-18964 | Cross-Site Request Forgery (CSRF) vulnerability in Forestblog Project Forestblog 20190404 Cross Site Request Forgery (CSRF) Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges. | 8.8 |
| 2021-05-11 | CVE-2021-21652 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira A cross-site request forgery (CSRF) vulnerability in Jenkins Xray - Test Management for Jira Plugin 2.4.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 7.1 |
| 2021-05-11 | CVE-2021-21655 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4 A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified Perforce server using attacker-specified username and password. | 7.1 |
| 2021-05-10 | CVE-2020-23376 | Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parameter to launch a stored XSS attack. | 6.1 |
| 2021-05-10 | CVE-2020-19199 | Cross-Site Request Forgery (CSRF) vulnerability in PHPok 5.2.060 A Cross Site Request Forgery (CSRF) vulnerability exists in PHPOK 5.2.060 via admin.php?c=admin&f=save, which could let a remote malicious user execute arbitrary code. | 8.8 |
| 2021-05-07 | CVE-2021-32096 | Cross-Site Request Forgery (CSRF) vulnerability in NSA Emissary 5.9.0 The ConsoleAction component of U.S. | 8.8 |
| 2021-05-06 | CVE-2020-23264 | Cross-Site Request Forgery (CSRF) vulnerability in Fork-Cms Fork CMS Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators. | 8.8 |
| 2021-05-06 | CVE-2020-18889 | Cross-Site Request Forgery (CSRF) vulnerability in Puppycms 5.1 Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php. | 6.5 |