Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-22 | CVE-2019-19013 | Cross-Site Request Forgery (CSRF) vulnerability in Pagekit 1.0.17 A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request. | 8.8 |
| 2019-11-22 | CVE-2012-2079 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Activity 6.X1.X A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal. | 8.8 |
| 2019-11-21 | CVE-2015-3140 | Cross-Site Request Forgery (CSRF) vulnerability in Synametrics Synaman and Syncrify Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567 | 8.8 |
| 2019-11-21 | CVE-2013-3312 | Cross-Site Request Forgery (CSRF) vulnerability in Loftek Nexus 543 Firmware Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi. | 8.8 |
| 2019-11-21 | CVE-2019-16548 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Google Compute Engine A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents. | 8.8 |
| 2019-11-19 | CVE-2011-4952 | Cross-Site Request Forgery (CSRF) vulnerability in Cobblerd Cobbler cobbler: Web interface lacks CSRF protection when using Django framework | 8.8 |
| 2019-11-14 | CVE-2019-18651 | Cross-Site Request Forgery (CSRF) vulnerability in 3Xlogic Infinias Access Control Firmware 6.6.9586.0 A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias Access Control through 6.6.9586.0 allows remote attackers to execute malicious and unauthorized actions (e.g., delete application users) by sending a crafted HTML document or encoded URL to a user that the website trusts. | 6.5 |
| 2019-11-13 | CVE-2013-3366 | Cross-Site Request Forgery (CSRF) vulnerability in Trendnet Tew-812Dru Firmware Undocumented TELNET service in TRENDnet TEW-812DRU when a web page named backdoor contains an HTML parameter of password and a value of j78G¬DFdg_24Mhw3. | 8.8 |
| 2019-11-13 | CVE-2019-18884 | Cross-Site Request Forgery (CSRF) vulnerability in Fairsketch Rise - Ultimate Project Manager 2.3 index.php/team_members/add_team_member in RISE Ultimate Project Manager 2.3 has CSRF for adding authorized users. | 8.8 |
| 2019-11-13 | CVE-2013-3516 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Wnr3500L Firmware and Wnr3500U Firmware NETGEAR WNR3500U and WNR3500L routers uses form tokens abased solely on router's current date and time, which allows attackers to guess the CSRF tokens. | 6.5 |