Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-09 | CVE-2020-26912 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear products Certain NETGEAR devices are affected by CSRF. | 8.8 |
| 2020-10-09 | CVE-2020-26522 | Cross-Site Request Forgery (CSRF) vulnerability in Garfield Petshop Project Garfield Petshop 20201001 A cross-site request forgery (CSRF) vulnerability in mod/user/act_user.php in Garfield Petshop through 2020-10-01 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts. | 8.8 |
| 2020-10-08 | CVE-2020-26802 | Cross-Site Request Forgery (CSRF) vulnerability in Formalms 2.3.0.2 forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover. | 8.8 |
| 2020-10-08 | CVE-2020-2296 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Shared Objects A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier allows attackers to configure shared objects. | 4.3 |
| 2020-10-08 | CVE-2020-2295 | Cross-Site Request Forgery (CSRF) vulnerability in Barchart Maven Cascade Release A cross-site request forgery (CSRF) vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin. | 6.5 |
| 2020-10-08 | CVE-2020-25263 | Cross-Site Request Forgery (CSRF) vulnerability in Pyrocms 3.7 PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/addons/uninstall/anomaly.module.blocks URI: an arbitrary plugin will be deleted. | 7.1 |
| 2020-10-08 | CVE-2020-25262 | Cross-Site Request Forgery (CSRF) vulnerability in Pyrocms 3.7 PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI: pages will be deleted. | 4.3 |
| 2020-10-06 | CVE-2020-25986 | Cross-Site Request Forgery (CSRF) vulnerability in Monocms 1.0 A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user. | 6.5 |
| 2020-10-02 | CVE-2020-12123 | Cross-Site Request Forgery (CSRF) vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. | 8.1 |
| 2020-10-01 | CVE-2020-5786 | Cross-Site Request Forgery (CSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 8.8 |