Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2020-02-07 CVE-2014-5288 Cross-Site Request Forgery (CSRF) vulnerability in Kemptechnologies Load Master 7.116/7.118
A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via unspecified vectors in administrative pages.
network
low complexity
kemptechnologies CWE-352
8.8
8.8
2020-02-06 CVE-2013-3568 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Linksys Wrt110 Firmware
Cross-site request forgery (CSRF) vulnerability in Cisco Linksys WRT110 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
network
low complexity
cisco CWE-352
8.8
8.8
2020-02-06 CVE-2012-6297 Cross-Site Request Forgery (CSRF) vulnerability in Dd-Wrt 24
Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service.
network
low complexity
dd-wrt CWE-352
8.8
8.8
2020-02-06 CVE-2020-8658 Cross-Site Request Forgery (CSRF) vulnerability in Bestwebsoft Htaccess
The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF.
network
low complexity
bestwebsoft CWE-352
8.8
8.8
2020-02-06 CVE-2019-20405 Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server
The JMX monitoring flag in Atlassian Jira Server and Data Center before version 8.6.0 allows remote attackers to turn the JMX monitoring flag off or on via a Cross-site request forgery (CSRF) vulnerability.
network
low complexity
atlassian CWE-352
4.3
4.3
2020-02-06 CVE-2019-20401 Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server
Various installation setup resources in Jira before version 8.5.2 allow remote attackers to configure a Jira instance, which has not yet finished being installed, via Cross-site request forgery (CSRF) vulnerabilities.
network
low complexity
atlassian CWE-352
6.5
6.5
2020-02-05 CVE-2011-0525 Cross-Site Request Forgery (CSRF) vulnerability in Batavi
Batavi before 1.0 has CSRF.
network
low complexity
batavi CWE-352
8.8
8.8
2020-02-05 CVE-2019-4613 Cross-Site Request Forgery (CSRF) vulnerability in IBM Planning Analytics 2.0
IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8
2020-02-04 CVE-2020-8615 Cross-Site Request Forgery (CSRF) vulnerability in Themeum Tutor LMS
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).
network
low complexity
themeum CWE-352
6.5
6.5
2020-02-04 CVE-2019-10784 Cross-Site Request Forgery (CSRF) vulnerability in PHPpgadmin Project PHPpgadmin
phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application.
network
low complexity
phppgadmin-project CWE-352
critical
 9.6
9.6