Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-11 | CVE-2020-10181 | Cross-Site Request Forgery (CSRF) vulnerability in Sumavision Enhanced Multimedia Router Firmware 3.0.4.27 goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request. | 9.8 |
| 2020-03-11 | CVE-2019-16107 | Cross-Site Request Forgery (CSRF) vulnerability in PHPbb 3.2.7 Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments. | 4.3 |
| 2020-03-10 | CVE-2020-6206 | Cross-Site Request Forgery (CSRF) vulnerability in SAP Cloud Platform Integration 1.0 SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning massages. | 4.3 |
| 2020-03-09 | CVE-2020-2147 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins mac A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. | 4.3 |
| 2020-03-09 | CVE-2020-2141 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins P4 A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add a labels in Perforce. | 4.3 |
| 2020-03-06 | CVE-2020-9454 | Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Registrationmagic A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on behalf of a site administrator to change all settings for the plugin, including deleting users, creating new roles with escalated privileges, and allowing PHP file uploads via forms. | 8.8 |
| 2020-03-04 | CVE-2020-3148 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Network Registrar A vulnerability in the web-based interface of Cisco Prime Network Registrar (CPNR) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 7.1 |
| 2020-03-04 | CVE-2020-10057 | Cross-Site Request Forgery (CSRF) vulnerability in Metalgenix Genixcms 1.1.7 GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. | 8.8 |
| 2020-03-04 | CVE-2020-7988 | Cross-Site Request Forgery (CSRF) vulnerability in PHPipam 1.4 An issue was discovered in tools/pass-change/result.php in phpIPAM 1.4. | 8.8 |
| 2020-03-02 | CVE-2019-20487 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Wnr1000 Firmware 1.1.0.54 An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. | 8.8 |