Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-13 | CVE-2014-9382 | Cross-Site Request Forgery (CSRF) vulnerability in Free Freebox OS 3.0.2 Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation | 6.5 |
| 2020-01-10 | CVE-2019-14304 | Cross-Site Request Forgery (CSRF) vulnerability in Ricoh products Ricoh SP C250DN 1.06 devices allow CSRF. | 8.8 |
| 2020-01-09 | CVE-2019-20178 | Cross-Site Request Forgery (CSRF) vulnerability in Peel Shopping 9.2.1 Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php to delete a user. | 6.5 |
| 2020-01-09 | CVE-2019-6319 | Cross-Site Request Forgery (CSRF) vulnerability in HP products HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | 8.1 |
| 2020-01-09 | CVE-2020-6167 | Cross-Site Request Forgery (CSRF) vulnerability in Webfactoryltd Minimal Coming Soon & Maintenance Mode A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF attack to enable maintenance mode, inject XSS, modify several important settings, or include remote files as a logo. | 8.8 |
| 2020-01-09 | CVE-2019-6320 | Cross-Site Request Forgery (CSRF) vulnerability in HP products Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K4T99C, K4U00B - K4U03B, and V3F21A - V3F22A (firmware version SWP1FN1912BR or higher) have a Cross-Site Request Forgery (CSRF) vulnerability that could lead to a denial of service (DOS) or device misconfiguration. | 8.1 |
| 2020-01-08 | CVE-2011-5250 | Cross-Site Request Forgery (CSRF) vulnerability in Prophecyinternational Snare Snare for Linux before 1.7.0 has CSRF in the web interface. | 6.5 |
| 2020-01-05 | CVE-2019-20077 | Cross-Site Request Forgery (CSRF) vulnerability in Typesettercms Typesetter 5.1 The Typesetter CMS 5.1 logout functionality is affected by a CSRF vulnerability. | 4.3 |
| 2020-01-03 | CVE-2014-5516 | Cross-Site Request Forgery (CSRF) vulnerability in Konakart Cross-site request forgery (CSRF) vulnerability in the Storefront Application in DS Data Systems KonaKart before 7.3.0.0 allows remote attackers to hijack the authentication of administrators for requests that change a user email address via an unspecified GET request. | 6.5 |
| 2020-01-02 | CVE-2014-3590 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Satellite 6.0 Versions of Foreman as shipped with Red Hat Satellite 6 does not check for a correct CSRF token in the logout action. | 6.5 |