Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-21 | CVE-2019-6282 | Cross-Site Request Forgery (CSRF) vulnerability in Chinamobileltd Gpn2.4P21-C-Cn Firmware W2001En00 ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have CSRF via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password. | 8.8 |
2019-03-21 | CVE-2018-20648 | Cross-Site Request Forgery (CSRF) vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php. | 8.8 |
2019-03-21 | CVE-2018-20644 | Cross-Site Request Forgery (CSRF) vulnerability in Basic B2B Script Project Basic B2B Script 2.0.9 PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature. | 8.8 |
2019-03-21 | CVE-2018-20641 | Cross-Site Request Forgery (CSRF) vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 3.0.1 PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. | 8.8 |
2019-03-21 | CVE-2018-20633 | Cross-Site Request Forgery (CSRF) vulnerability in Advance B2B Script Project Advance B2B Script 2.1.4 PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. | 8.8 |
2019-03-21 | CVE-2018-19511 | Cross-Site Request Forgery (CSRF) vulnerability in ENS Webgalamb 7.0 wg7.php in Webgalamb 7.0 lacks security measures to prevent CSRF attacks, as demonstrated by wg7.php?options=1 to change the administrator password. | 6.5 |
2019-03-21 | CVE-2018-17996 | Cross-Site Request Forgery (CSRF) vulnerability in Layerbb 1.1.2 LayerBB before 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/. | 6.5 |
2019-03-14 | CVE-2019-9787 | Cross-Site Request Forgery (CSRF) vulnerability in Wordpress WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. | 8.8 |
2019-03-14 | CVE-2019-9769 | Cross-Site Request Forgery (CSRF) vulnerability in Kartatopia Piluscart 1.4.1 PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator. | 8.8 |
2019-03-12 | CVE-2019-5924 | Cross-Site Request Forgery (CSRF) vulnerability in Rednao Smart Forms Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page. | 8.8 |