Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-2090 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Amazon EC2 A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method. | 8.8 |
| 2020-01-15 | CVE-2020-5502 | Cross-Site Request Forgery (CSRF) vulnerability in PHPbb 3.2.8 phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships. | 6.5 |
| 2020-01-15 | CVE-2020-5501 | Cross-Site Request Forgery (CSRF) vulnerability in PHPbb 3.2.8 phpBB 3.2.8 allows a CSRF attack that can modify a group avatar. | 4.3 |
| 2020-01-14 | CVE-2011-2934 | Cross-Site Request Forgery (CSRF) vulnerability in Websitebaker A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions. | 8.8 |
| 2020-01-13 | CVE-2014-9382 | Cross-Site Request Forgery (CSRF) vulnerability in Free Freebox OS 3.0.2 Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation | 6.5 |
| 2020-01-10 | CVE-2019-14304 | Cross-Site Request Forgery (CSRF) vulnerability in Ricoh products Ricoh SP C250DN 1.06 devices allow CSRF. | 8.8 |
| 2020-01-09 | CVE-2019-20178 | Cross-Site Request Forgery (CSRF) vulnerability in Peel Shopping 9.2.1 Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user. | 6.5 |
| 2020-01-09 | CVE-2019-6319 | Cross-Site Request Forgery (CSRF) vulnerability in HP products HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | 8.1 |
| 2020-01-09 | CVE-2020-6167 | Cross-Site Request Forgery (CSRF) vulnerability in Webfactoryltd Minimal Coming Soon & Maintenance Mode A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote files as a logo. | 8.8 |
| 2020-01-09 | CVE-2019-6320 | Cross-Site Request Forgery (CSRF) vulnerability in HP products Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | 8.1 |