Vulnerabilities > Cross-Site Request Forgery (CSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2020-08-28 | CVE-2020-16610 | Cross-Site Request Forgery (CSRF) vulnerability in Hoosk | Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site Request Forgery (CSRF). | network | low | hoosk | CWE-352 | 4.3 |
| 2020-08-28 | CVE-2020-5621 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Gs716Tv2 Firmware and Gs724Tv3 Firmware | Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version 5.4.2.30 and earlier, and GS724Tv3 Firmware version 5.4.2.30 and earlier) allows remote attackers to hijack the authentication of administrators and alter the settings of the device via unspecified vectors. | network | low | netgear | CWE-352 | 4.3 |
| 2020-08-26 | CVE-2020-5928 | Cross-Site Request Forgery (CSRF) vulnerability in F5 Big-Ip Application Security Manager | In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BIG-IP ASM Configuration utility CSRF protection token can be reused multiple times. | local | low | f5 | CWE-352 | 3.1 |
| 2020-08-26 | CVE-2020-5922 | Cross-Site Request Forgery (CSRF) vulnerability in F5 products | In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2, iControl REST does not implement Cross Site Request Forgery protections for users who make use of Basic Authentication in a web browser. | network | low | f5 | CWE-352 | 8.8 |
| 2020-08-24 | CVE-2020-4170 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Guardium Insights 2.0.1 | IBM Security Guardium Insights 2.0.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | network | low | ibm | CWE-352 | 4.3 |
| 2020-08-24 | CVE-2020-14043 | Cross-Site Request Forgery (CSRF) vulnerability in Codiad | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Request Forgery (CSRF) vulnerability was found in Codiad v1.7.8 and later. | network | low | codiad | CWE-352 | 8.8 |
| 2020-08-24 | CVE-2020-19889 | Cross-Site Request Forgery (CSRF) vulnerability in Dbhcms Project Dbhcms 1.2.0 | DBHcms v1.2.0 has no CSRF protection mechanism, as demonstrated by CSRF for index.php?dbhcms_pid=-70, which can add a user. | network | low | dbhcms-project | CWE-352 | 8.8 |
| 2020-08-24 | CVE-2020-19886 | Cross-Site Request Forgery (CSRF) vulnerability in Dbhcms Project Dbhcms 1.2.0 | DBHcms v1.2.0 has no CSRF protection mechanism, as demonstrated by CSRF for /index.php?dbhcms_pid=-80&deletemenu=9, which can delete any menu. | network | low | dbhcms-project | CWE-352 | 8.1 |
| 2020-08-20 | CVE-2020-15151 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products | OpenMage LTS before versions 19.4.6 and 20.0.2 allows attackers to circumvent the `fromkey protection` in the Admin Interface and increases the attack surface for Cross Site Request Forgery attacks. | network | high | openmage magento | CWE-352 | 8.0 |
| 2020-08-17 | CVE-2020-12480 | Cross-Site Request Forgery (CSRF) vulnerability in Lightbend Play Framework | In Play Framework 2.6.0 through 2.8.1, the CSRF filter can be bypassed by making CORS simple requests with content types that contain parameters that can't be parsed. | network | low | lightbend | CWE-352 | 6.5 |