Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2020-04-20 CVE-2017-18842 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF.
network
low complexity
netgear CWE-352
8.8
8.8
2020-04-20 CVE-2017-18852 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF and authentication bypass.
network
low complexity
netgear CWE-352
8.8
8.8
2020-04-16 CVE-2020-11825 Cross-Site Request Forgery (CSRF) vulnerability in Dolibarr Erp/Crm 10.0.6
In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks.
network
low complexity
dolibarr CWE-352
8.8
8.8
2020-04-16 CVE-2020-11818 Cross-Site Request Forgery (CSRF) vulnerability in Rukovoditel 2.5.2
In Rukovoditel 2.5.2 has a form_session_token value to prevent CSRF attacks.
network
low complexity
rukovoditel CWE-352
8.8
8.8
2020-04-16 CVE-2019-20691 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF.
network
low complexity
netgear CWE-352
8.8
8.8
2020-04-15 CVE-2020-3261 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco Mobility Express Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
network
low complexity
cisco CWE-352
6.5
6.5
2020-04-14 CVE-2020-11003 Cross-Site Request Forgery (CSRF) vulnerability in Fraction Oasis
Oasis before version 2.15.0 has a potential DNS rebinding or CSRF vulnerability.
network
low complexity
fraction CWE-352
8.1
8.1
2020-04-12 CVE-2020-11706 Cross-Site Request Forgery (CSRF) vulnerability in Provideserver Provide FTP Server 13.1
An issue was discovered in ProVide (formerly zFTPServer) through 13.1.
network
low complexity
provideserver CWE-352
8.8
8.8
2020-04-12 CVE-2020-11701 Cross-Site Request Forgery (CSRF) vulnerability in Provideserver Provide FTP Server 13.1
An issue was discovered in ProVide (formerly zFTPServer) through 13.1.
network
low complexity
provideserver CWE-352
8.8
8.8
2020-04-10 CVE-2019-18376 Cross-Site Request Forgery (CSRF) vulnerability in Symantec Management Center 2.2/2.3/2.4
A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated Management Center (MC) user's web browser history or a network device that intercepts/logs traffic to MC, to obtain CSRF tokens and use them to perform CSRF attacks against MC.
network
high complexity
symantec CWE-352
5.9
5.9