Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2020-03-12 CVE-2020-10481 Cross-Site Request Forgery (CSRF) vulnerability in Chadhaajay PHPkb 9.0
CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request.
network
low complexity
chadhaajay CWE-352
4.3
2020-03-12 CVE-2020-10480 Cross-Site Request Forgery (CSRF) vulnerability in Chadhaajay PHPkb 9.0
CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request.
network
low complexity
chadhaajay CWE-352
4.3
2020-03-12 CVE-2020-10479 Cross-Site Request Forgery (CSRF) vulnerability in Chadhaajay PHPkb 9.0
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request.
network
low complexity
chadhaajay CWE-352
4.3
2020-03-12 CVE-2020-10478 Cross-Site Request Forgery (CSRF) vulnerability in Chadhaajay PHPkb 9.0
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.
network
low complexity
chadhaajay CWE-352
8.8
2020-03-11 CVE-2020-10181 Cross-Site Request Forgery (CSRF) vulnerability in Sumavision Enhanced Multimedia Router Firmware 3.0.4.27
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request.
network
low complexity
sumavision CWE-352
critical
9.8
2020-03-11 CVE-2019-16107 Cross-Site Request Forgery (CSRF) vulnerability in PHPbb 3.2.7
Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments.
network
low complexity
phpbb CWE-352
4.3
2020-03-10 CVE-2020-6206 Cross-Site Request Forgery (CSRF) vulnerability in SAP Cloud Platform Integration 1.0
SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning messages.
network
low complexity
sap CWE-352
4.3
2020-03-09 CVE-2020-2147 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins mac
A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
network
low complexity
jenkins CWE-352
4.3
2020-03-09 CVE-2020-2141 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4
A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add labels in Perforce.
network
low complexity
jenkins CWE-352
4.3
2020-03-06 CVE-2020-9454 Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Registrationmagic
A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on behalf of a site administrator to change all settings for the plugin, including deleting users, creating new roles with escalated privileges, and allowing PHP file uploads via forms.
network
low complexity
metagauss CWE-352
8.8