Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-12 | CVE-2019-5920 | Cross-Site Request Forgery (CSRF) vulnerability in Ncrafts Formcraft Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page. | 8.8 |
| 2019-03-11 | CVE-2019-9688 | Cross-Site Request Forgery (CSRF) vulnerability in Sftnow sftnow through 2018-12-29 allows index.php?g=Admin&m=User&a=add_post CSRF to add an admin account. | 8.8 |
| 2019-03-11 | CVE-2019-9652 | Cross-Site Request Forgery (CSRF) vulnerability in Sdcms 1.7 There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. | 8.8 |
| 2019-03-07 | CVE-2019-9598 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1 An issue was discovered in Cscms 4.1.0. | 6.5 |
| 2019-03-07 | CVE-2019-8437 | Cross-Site Request Forgery (CSRF) vulnerability in Njiandan-Cms Project Njiandan-Cms 20130522/20130523 njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to add an administrator. | 8.8 |
| 2019-03-07 | CVE-2019-6710 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Nbg-418N Firmware 1.00(Aaxm.6)C0 Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF. | 8.8 |
| 2019-03-07 | CVE-2018-18449 | Cross-Site Request Forgery (CSRF) vulnerability in Phome Empirecms 7.5 EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339. | 8.8 |
| 2019-03-07 | CVE-2018-17429 | Cross-Site Request Forgery (CSRF) vulnerability in Jtbc 3.0 /console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF for adding an administrator account. | 8.8 |
| 2019-03-07 | CVE-2019-9625 | Cross-Site Request Forgery (CSRF) vulnerability in Directadmin 1.55 JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account. | 8.8 |
| 2019-03-06 | CVE-2019-9603 | Cross-Site Request Forgery (CSRF) vulnerability in 1234N Minicms 1.10 MiniCMS 1.10 allows mc-admin/post.php?state=publish&delete= CSRF to delete articles, a different vulnerability than CVE-2018-18891. | 6.5 |