Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-05-22 CVE-2018-7828 Cross-Site Request Forgery (CSRF) vulnerability in Schneider-Electric products
A Cross-Site Request Forgery (CSRF) vulnerability exists in the 1st Gen.
network
low complexity
schneider-electric CWE-352
8.8
8.8
2019-05-21 CVE-2019-12253 Cross-Site Request Forgery (CSRF) vulnerability in Mylittleforum MY Little Forum
my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting.
network
low complexity
mylittleforum CWE-352
6.5
6.5
2019-05-13 CVE-2018-16136 Cross-Site Request Forgery (CSRF) vulnerability in Ipbrick OS 6.3
An issue was discovered in the administrator interface in IPBRICK OS 6.3.
network
low complexity
ipbrick CWE-352
8.8
8.8
2019-05-13 CVE-2018-14711 Cross-Site Request Forgery (CSRF) vulnerability in Asus Rt-Ac3200 Firmware 3.0.0.4.382.50010
Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs.
network
low complexity
asus CWE-352
6.5
6.5
2019-05-13 CVE-2019-11886 Cross-Site Request Forgery (CSRF) vulnerability in Yellowpencil Visual CSS Style Editor
The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain admin access.
network
low complexity
yellowpencil CWE-352
8.8
8.8
2019-05-10 CVE-2018-1790 Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager 3.0.2.0/3.0.2.1
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8
2019-05-10 CVE-2017-12789 Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 5.3.18
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF).
network
low complexity
metinfo CWE-352
8.8
8.8
2019-05-09 CVE-2017-12790 Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 5.3.18
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF).
network
low complexity
metinfo CWE-352
6.5
6.5
2019-05-07 CVE-2019-7746 Cross-Site Request Forgery (CSRF) vulnerability in JIO Jmr1140 Firmware Amteljmr1140R12.07
JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmap_auth type=getuser request and then reading the token field.
network
low complexity
jio CWE-352
8.1
8.1
2019-05-07 CVE-2018-2001 Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management
IBM Cram Social Program Management 6.1.1, 6.2.0, 7.0.4, and 7.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8