Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-29	CVE-2019-9604	Cross-Site Request Forgery (CSRF) vulnerability in Online Lottery PHP Readymade Script Project Online Lottery PHP Readymade Script 1.7.0 PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions. network low complexity online-lottery-php-readymade-script-project CWE-352	8.8
2019-03-28	CVE-2019-6607	Cross-Site Request Forgery (CSRF) vulnerability in F5 Big-Ip Application Security Manager On BIG-IP ASM 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, there is a stored cross-site scripting vulnerability in an ASM violation viewed in the Configuration utility. network low complexity f5 CWE-352	6.8
2019-03-28	CVE-2019-1003046	Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Fortify on Demand Uploader A cross-site request forgery vulnerability in Jenkins Fortify on Demand Uploader Plugin 3.0.10 and earlier allows attackers to initiate a connection to an attacker-specified server. network low complexity jenkins CWE-352	6.5
2019-03-28	CVE-2019-1003044	Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Slack Notification A cross-site request forgery vulnerability in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. network high complexity jenkins CWE-352	7.1
2019-03-27	CVE-2019-10237	Cross-Site Request Forgery (CSRF) vulnerability in S-Cms 1.0 S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040. network low complexity s-cms CWE-352	8.8
2019-03-22	CVE-2019-1764	Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. network low complexity cisco CWE-352	8.8
2019-03-21	CVE-2019-7440	Cross-Site Request Forgery (CSRF) vulnerability in JIO Jiofi 4G M2S Firmware 1.0.2 JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi). network low complexity jio CWE-352	6.5
2019-03-21	CVE-2019-7433	Cross-Site Request Forgery (CSRF) vulnerability in Rental Bike Script Project Rental Bike Script 2.0.3 PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. network low complexity rental-bike-script-project CWE-352	8.8
2019-03-21	CVE-2019-7391	Cross-Site Request Forgery (CSRF) vulnerability in Zyxel products ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cgi CSRF. network low complexity zyxel CWE-352	8.8
2019-03-21	CVE-2019-6967	Cross-Site Request Forgery (CSRF) vulnerability in Airties AIR 5341 Firmware 1.0.0.12 AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF. network low complexity airties CWE-352	8.8