Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-12-27 CVE-2014-3136 Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dwr-113 Firmware 2.02
Cross-site request forgery (CSRF) vulnerability in D-Link DWR-113 (Rev.
network
low complexity
dlink CWE-352
8.8
8.8
2019-12-27 CVE-2013-4665 Cross-Site Request Forgery (CSRF) vulnerability in Spbas Business Automation Software 2012
SPBAS Business Automation Software 2012 has CSRF.
network
low complexity
spbas CWE-352
6.5
6.5
2019-12-26 CVE-2019-19995 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 3000N Firmware 1.8.7
A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, leading to complete control of the router, as demonstrated by v1/system/user.
network
low complexity
intelbras CWE-352
8.8
8.8
2019-12-26 CVE-2019-16326 Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-601 Firmware 2.00Na
D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token is implemented.
network
low complexity
dlink CWE-352
8.8
8.8
2019-12-26 CVE-2019-6030 Cross-Site Request Forgery (CSRF) vulnerability in Custom Body Class Project Custom Body Class
Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
custom-body-class-project CWE-352
8.8
8.8
2019-12-26 CVE-2019-6027 Cross-Site Request Forgery (CSRF) vulnerability in Wpspellcheck
Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
wpspellcheck CWE-352
8.8
8.8
2019-12-26 CVE-2019-19981 Cross-Site Request Forgery (CSRF) vulnerability in Icegram Email Subscribers & Newsletters
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings.
network
low complexity
icegram CWE-352
5.4
5.4
2019-12-20 CVE-2019-4736 Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0
IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
4.3
4.3
2019-12-20 CVE-2019-4231 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm netapp CWE-352
4.3
4.3
2019-12-20 CVE-2018-1934 Cross-Site Request Forgery (CSRF) vulnerability in IBM Cognos Business Intelligence 10.2.2
IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8