Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-08-15 CVE-2019-13516 Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API
In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect.
network
low complexity
osisoft CWE-352
8.8
8.8
2019-08-15 CVE-2018-14668 Cross-Site Request Forgery (CSRF) vulnerability in Yandex Clickhouse
In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks.
network
low complexity
yandex CWE-352
8.8
8.8
2019-08-14 CVE-2019-15062 Cross-Site Request Forgery (CSRF) vulnerability in Dolibarr Erp/Crm 11.0.0
An issue was discovered in Dolibarr 11.0.0-alpha.
network
low complexity
dolibarr CWE-352
8.0
8.0
2019-08-14 CVE-2019-14526 Cross-Site Request Forgery (CSRF) vulnerability in Netgear Mr1100 Firmware 12.05.05.00
An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices before 12.06.03.
network
low complexity
netgear CWE-352
8.1
8.1
2019-08-14 CVE-2019-14216 Cross-Site Request Forgery (CSRF) vulnerability in WP SVG Icons Project WP SVG Icons
An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icons) plugin through 3.2.1 for WordPress.
network
low complexity
wp-svg-icons-project CWE-352
8.8
8.8
2019-08-14 CVE-2019-10199 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Keycloak
It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests.
network
low complexity
redhat CWE-352
8.8
8.8
2019-08-14 CVE-2018-20968 Cross-Site Request Forgery (CSRF) vulnerability in Smackcoders Ultimate Exporter
The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.
network
low complexity
smackcoders CWE-352
8.8
8.8
2019-08-14 CVE-2018-20967 Cross-Site Request Forgery (CSRF) vulnerability in Smackcoders Import ALL Pages, Post Types, Products, Orders, and Users AS XML & CSV
The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF.
network
low complexity
smackcoders CWE-352
8.8
8.8
2019-08-14 CVE-2017-18513 Cross-Site Request Forgery (CSRF) vulnerability in Expresstech Responsive Menu
The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.
network
low complexity
expresstech CWE-352
8.8
8.8
2019-08-14 CVE-2017-18512 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Newsletter BY Supsystic
The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.
network
low complexity
supsystic CWE-352
8.8
8.8