Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2020-02-10 CVE-2019-19664 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1.
network
low complexity
maxum CWE-352
7.1
7.1
2020-02-10 CVE-2019-19662 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1.
network
low complexity
maxum CWE-352
6.5
6.5
2020-02-10 CVE-2013-2109 Cross-Site Request Forgery (CSRF) vulnerability in Undolog WP Cleanfix 1.4
WordPress plugin wp-cleanfix has Remote Code Execution
network
low complexity
undolog CWE-352
8.8
8.8
2020-02-10 CVE-2013-2108 Cross-Site Request Forgery (CSRF) vulnerability in Undolog Cleanfix 2.4.4
WordPress WP Cleanfix Plugin 2.4.4 has CSRF
network
low complexity
undolog CWE-352
5.4
5.4
2020-02-10 CVE-2019-19665 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.9.1
A CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1.
network
low complexity
maxum CWE-352
6.5
6.5
2020-02-10 CVE-2019-19663 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.9.1
A CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1.
network
low complexity
maxum CWE-352
6.5
6.5
2020-02-10 CVE-2019-19660 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.9.1
A CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1.
network
low complexity
maxum CWE-352
6.5
6.5
2020-02-10 CVE-2019-19659 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.9.1
A CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1.
network
low complexity
maxum CWE-352
8.8
8.8
2020-02-08 CVE-2014-2225 Cross-Site Request Forgery (CSRF) vulnerability in UI products
Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspecified impact via a request to api/add/wlanconf; change the guest (3) password, (4) authentication method, or (5) restricted subnets via a request to api/set/setting/guest_access; (6) block, (7) unblock, or (8) reconnect users by MAC address via a request to api/cmd/stamgr; change the syslog (9) server or (10) port via a request to api/set/setting/rsyslogd; (11) have unspecified impact via a request to api/set/setting/smtp; change the syslog (12) server, (13) port, or (14) authentication settings via a request to api/cmd/cfgmgr; or (15) change the Unifi Controller name via a request to api/set/setting/identity.
network
low complexity
ui CWE-352
8.8
8.8
2020-02-07 CVE-2011-1085 Cross-Site Request Forgery (CSRF) vulnerability in Smoothwall Express 3.0
CSRF vulnerability in Smoothwall Express 3.
network
low complexity
smoothwall CWE-352
8.8
8.8