Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2018-19948 | Cross-Site Request Forgery (CSRF) vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | 6.5 |
| 2020-09-11 | CVE-2020-25252 | Cross-Site Request Forgery (CSRF) vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase through 16.0.2.83 and below, 17.0.2.109 and below, 18.0.0.37 and below, 19.8.16.1000 and below and 20.3.10.1000 and below. | 8.8 |
| 2020-09-10 | CVE-2020-24739 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.0 A CSRF vulnerability was found in iCMS v7.0.0 in the background deletion administrator account. | 6.5 |
| 2020-09-09 | CVE-2020-15789 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Polarion Subversion Webclient A vulnerability has been identified in Polarion Subversion Webclient (All versions). | 8.1 |
| 2020-09-02 | CVE-2020-23830 | Cross-Site Request Forgery (CSRF) vulnerability in Stock Management System Project Stock Management System 1.0 A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site. | 7.1 |
| 2020-09-01 | CVE-2020-5776 | Cross-Site Request Forgery (CSRF) vulnerability in Magmi Project Magmi Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. | 8.8 |
| 2020-09-01 | CVE-2020-25070 | Cross-Site Request Forgery (CSRF) vulnerability in Usvn USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature. | 8.8 |
| 2020-09-01 | CVE-2020-23836 | Cross-Site Request Forgery (CSRF) vulnerability in Oswapp Warehouse Inventory System 20200810 A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in OSWAPP Warehouse Inventory System (aka OSWA-INV) through 2020-08-10 allows remote attackers to change the admin's password after an authenticated admin visits a third-party site. | 8.8 |
| 2020-09-01 | CVE-2020-2241 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Database A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials. | 8.8 |
| 2020-09-01 | CVE-2020-2240 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Database A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts. | 8.8 |