Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-14 | CVE-2021-31152 | Cross-Site Request Forgery (CSRF) vulnerability in Multilaser Ac1200 Re018 Firmware V02.03.01.45Pt Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. | 8.8 |
| 2021-04-13 | CVE-2021-21731 | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Zxcloud Irai 5.01.05/5.01.06 A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. | 8.1 |
| 2021-04-13 | CVE-2021-29054 | Cross-Site Request Forgery (CSRF) vulnerability in Papoo 21.02/6.0.1 Certain Papoo products are affected by: Cross Site Request Forgery (CSRF) in the admin interface. | 8.8 |
| 2021-04-12 | CVE-2021-24230 | Cross-Site Request Forgery (CSRF) vulnerability in Patreon Wordpress The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user metadata on the victim’s account once visited. | 8.1 |
| 2021-04-09 | CVE-2021-25326 | Cross-Site Request Forgery (CSRF) vulnerability in Skyworthdigital Rn510 Firmware 3.1.0.4 Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. | 5.4 |
| 2021-04-09 | CVE-2020-21884 | Cross-Site Request Forgery (CSRF) vulnerability in Indionetworks products Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device. | 8.8 |
| 2021-04-08 | CVE-2021-22512 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Application Automation Tools Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. | 6.5 |
| 2021-04-08 | CVE-2020-23426 | Cross-Site Request Forgery (CSRF) vulnerability in Zzcms 201910 zzcms 201910 contains an access control vulnerability through escalation of privileges in /user/adv.php, which allows an attacker to modify data for further attacks such as CSRF. | 9.8 |
| 2021-04-08 | CVE-2021-30114 | Cross-Site Request Forgery (CSRF) vulnerability in Web-School Enterprise Resource Planning 5.0 Web-School ERP V 5.0 contains a cross-site request forgery (CSRF) vulnerability that allows a remote attacker to create a voucher payment request through module/accounting/voucher/create. | 6.5 |
| 2021-04-08 | CVE-2021-30112 | Cross-Site Request Forgery (CSRF) vulnerability in Web-School Enterprise Resource Planning 5.0 Web-School ERP V 5.0 contains a cross-site request forgery (CSRF) vulnerability that allows a remote attacker to create a student_leave_application request through module/core/studentleaveapplication/create. | 6.5 |