Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-06 | CVE-2019-14703 | Cross-Site Request Forgery (CSRF) vulnerability in Microdigital products A CSRF issue was discovered in webparam?user&action=set¶m=add in HTTPD on MicroDigital N-series cameras with firmware through 6400.0.8.5 to create an admin account. | 8.8 |
| 2019-08-06 | CVE-2019-14346 | Cross-Site Request Forgery (CSRF) vulnerability in Schben Adive 2.0.7 Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password. | 8.8 |
| 2019-08-03 | CVE-2019-14551 | Cross-Site Request Forgery (CSRF) vulnerability in Daskeyboard DAS Q Software Das Q before 2019-08-02 allows web sites to execute arbitrary code on client machines, as demonstrated by a cross-origin /install request with an attacker-controlled releaseUrl, which triggers download and execution of code within a ZIP archive. | 9.8 |
| 2019-08-02 | CVE-2019-7947 | Cross-Site Request Forgery (CSRF) vulnerability in Magento A cross-site request forgery vulnerability exists in the GiftCardAccount removal feature for Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 6.5 |
| 2019-08-02 | CVE-2019-7874 | Cross-Site Request Forgery (CSRF) vulnerability in Magento A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 6.5 |
| 2019-08-02 | CVE-2019-7873 | Cross-Site Request Forgery (CSRF) vulnerability in Magento A cross-site request forgery vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 4.3 |
| 2019-08-02 | CVE-2019-7865 | Cross-Site Request Forgery (CSRF) vulnerability in Magento A cross-site request forgery (CSRF) vulnerability exists in the checkout cart item of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. | 8.8 |
| 2019-08-02 | CVE-2019-7857 | Cross-Site Request Forgery (CSRF) vulnerability in Magento A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can cause unwanted items to be added to a shopper's cart due to an insufficiently robust anti-CSRF token implementation. | 4.3 |
| 2019-08-02 | CVE-2019-7851 | Cross-Site Request Forgery (CSRF) vulnerability in Magento A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can lead to unintended data deletion from customer pages. | 6.5 |
| 2019-08-01 | CVE-2013-7473 | Cross-Site Request Forgery (CSRF) vulnerability in Windu CMS 2.2 Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account. | 8.8 |