Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-01-24 CVE-2019-6779 Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1.8
Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete friend links.
network
low complexity
chshcms CWE-352
8.1
8.1
2019-01-24 CVE-2019-1658 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 11.6(1)
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.
network
low complexity
cisco CWE-352
7.4
7.4
2019-01-23 CVE-2017-17835 Cross-Site Request Forgery (CSRF) vulnerability in Apache Airflow
In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for a remote command injection on a default install of Airflow.
network
low complexity
apache CWE-352
8.8
8.8
2019-01-22 CVE-2019-6510 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-22 CVE-2019-6509 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-22 CVE-2019-6508 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-22 CVE-2019-6507 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-17 CVE-2018-20728 Cross-Site Request Forgery (CSRF) vulnerability in Nedi
A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php.
network
low complexity
nedi CWE-352
8.8
8.8
2019-01-16 CVE-2016-10738 Cross-Site Request Forgery (CSRF) vulnerability in Castlamp Zenbership 107
Zenbership v107 has CSRF via admin/cp-functions/event-add.php.
network
low complexity
castlamp CWE-352
8.8
8.8
2019-01-15 CVE-2019-6294 Cross-Site Request Forgery (CSRF) vulnerability in Easycms 1.5
An issue was discovered in EasyCMS 1.5.
network
low complexity
easycms CWE-352
8.8
8.8