Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-11-13 CVE-2012-4385 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
letodms 3.3.6 has CSRF via change password
network
low complexity
trilexnet debian CWE-352
6.5
6.5
2019-11-13 CVE-2014-3655 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Jboss Enterprise web Server and Keycloak
JBoss KeyCloak is vulnerable to soft token deletion via CSRF
network
low complexity
redhat CWE-352
4.3
4.3
2019-11-12 CVE-2010-3305 Cross-Site Request Forgery (CSRF) vulnerability in Pixelpost 1.7.3
Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password.
network
low complexity
pixelpost CWE-352
8.8
8.8
2019-11-12 CVE-2019-17237 Cross-Site Request Forgery (CSRF) vulnerability in Getigniteup Igniteup
includes/class-coming-soon-creator.php in the igniteup plugin through 3.4 for WordPress allows CSRF.
network
low complexity
getigniteup CWE-352
8.8
8.8
2019-11-06 CVE-2019-18411 Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Adselfservice Plus
Zoho ManageEngine ADSelfService Plus 5.x through 5803 has CSRF on the users' profile information page.
network
low complexity
zohocorp CWE-352
8.8
8.8
2019-11-06 CVE-2019-18650 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.9.13.
network
low complexity
joomla CWE-352
8.8
8.8
2019-11-06 CVE-2019-8155 Cross-Site Request Forgery (CSRF) vulnerability in Magento
Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF token in the URL of a GET request.
network
low complexity
magento CWE-352
7.5
7.5
2019-11-05 CVE-2019-8109 Cross-Site Request Forgery (CSRF) vulnerability in Magento
A remote code execution vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1.
network
low complexity
magento CWE-352
8.0
8.0
2019-11-05 CVE-2013-6275 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Multiple CSRF issues in Horde Groupware Webmail Edition 5.1.2 and earlier in basic.php.
network
low complexity
horde debian CWE-352
6.5
6.5
2019-11-05 CVE-2013-6365 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Horde Groupware Web mail 5.1.2 has CSRF with requests to change permissions
network
high complexity
horde opensuse debian CWE-352
5.3
5.3