Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-10 | CVE-2019-19660 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.9.1 A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. | 6.5 |
| 2020-02-10 | CVE-2019-19659 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.9.1 A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. | 8.8 |
| 2020-02-08 | CVE-2014-2225 | Cross-Site Request Forgery (CSRF) vulnerability in UI products Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspecified impact via a request to api/add/wlanconf; change the guest (3) password, (4) authentication method, or (5) restricted subnets via a request to api/set/setting/guest_access; (6) block, (7) unblock, or (8) reconnect users by MAC address via a request to api/cmd/stamgr; change the syslog (9) server or (10) port via a request to api/set/setting/rsyslogd; (11) have unspecified impact via a request to api/set/setting/smtp; change the syslog (12) server, (13) port, or (14) authentication settings via a request to api/cmd/cfgmgr; or (15) change the Unifi Controller name via a request to api/set/setting/identity. | 8.8 |
| 2020-02-07 | CVE-2011-1085 | Cross-Site Request Forgery (CSRF) vulnerability in Smoothwall Express 3.0 CSRF vulnerability in Smoothwall Express 3. | 8.8 |
| 2020-02-07 | CVE-2014-5288 | Cross-Site Request Forgery (CSRF) vulnerability in Kemptechnologies Load Master 7.116/7.118 A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via unspecified vectors in administrative pages. | 8.8 |
| 2020-02-06 | CVE-2013-3568 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Linksys Wrt110 Firmware Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | 8.8 |
| 2020-02-06 | CVE-2012-6297 | Cross-Site Request Forgery (CSRF) vulnerability in Dd-Wrt 24 Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service. | 8.8 |
| 2020-02-06 | CVE-2020-8658 | Cross-Site Request Forgery (CSRF) vulnerability in Bestwebsoft Htaccess The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. | 8.8 |
| 2020-02-06 | CVE-2019-20405 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flag off or on via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
| 2020-02-06 | CVE-2019-20401 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF) vulnerabilities. | 6.5 |