Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-11-26 CVE-2019-18677 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
An issue was discovered in Squid 3.x and 4.x through 4.8 when the append_domain setting is used (because the appended characters do not properly interact with hostname length restrictions).
network
low complexity
squid-cache canonical fedoraproject CWE-352
6.1
6.1
2019-11-26 CVE-2019-16002 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Sd-Wan Firmware
A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.
network
low complexity
cisco CWE-352
6.5
6.5
2019-11-26 CVE-2011-3609 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Jboss Application Server 7.0.0/7.0.1/7.0.2
A CSRF issue was found in JBoss Application Server 7 before 7.1.0.
network
low complexity
redhat CWE-352
6.5
6.5
2019-11-22 CVE-2013-6811 Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dsl6740U Firmware
Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DSL-6740U gateway (Rev.
network
low complexity
d-link CWE-352
8.8
8.8
2019-11-22 CVE-2019-19013 Cross-Site Request Forgery (CSRF) vulnerability in Pagekit 1.0.17
A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an arbitrary file by removing the CSRF token from a request.
network
low complexity
pagekit CWE-352
8.8
8.8
2019-11-22 CVE-2012-2079 Cross-Site Request Forgery (CSRF) vulnerability in Drupal Activity 6.X1.X
A cross-site request forgery (CSRF) vulnerability in the Activity module 6.x-1.x for Drupal.
network
low complexity
drupal CWE-352
8.8
8.8
2019-11-21 CVE-2015-3140 Cross-Site Request Forgery (CSRF) vulnerability in Synametrics Synaman and Syncrify
Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567
network
low complexity
synametrics CWE-352
8.8
8.8
2019-11-21 CVE-2013-3312 Cross-Site Request Forgery (CSRF) vulnerability in Loftek Nexus 543 Firmware
Multiple cross-site request forgery (CSRF) vulnerabilities in the Loftek Nexus 543 IP Camera allow remote attackers to hijack the authentication of unspecified victims for requests that change (1) passwords or (2) firewall configuration, as demonstrated by a request to set_users.cgi.
network
low complexity
loftek CWE-352
8.8
8.8
2019-11-21 CVE-2019-16548 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Google Compute Engine
A cross-site request forgery vulnerability in Jenkins Google Compute Engine Plugin 4.1.1 and earlier in ComputeEngineCloud#doProvision could be used to provision new agents.
network
low complexity
jenkins CWE-352
8.8
8.8
2019-11-19 CVE-2011-4952 Cross-Site Request Forgery (CSRF) vulnerability in Cobblerd Cobbler
cobbler: Web interface lacks CSRF protection when using Django framework
network
low complexity
cobblerd CWE-352
8.8
8.8