Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-13 | CVE-2018-14711 | Cross-Site Request Forgery (CSRF) vulnerability in Asus Rt-Ac3200 Firmware 3.0.0.4.382.50010 Missing cross-site request forgery protection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to cause state-changing actions with specially crafted URLs. | 6.5 |
| 2019-05-13 | CVE-2019-11886 | Cross-Site Request Forgery (CSRF) vulnerability in Yellowpencil Visual CSS Style Editor The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme-customizer) plugin before 7.2.1 for WordPress allows yp_option_update CSRF, as demonstrated by use of yp_remote_get to obtain admin access. | 8.8 |
| 2019-05-10 | CVE-2018-1790 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager 3.0.2.0/3.0.2.1 IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2019-05-10 | CVE-2017-12789 | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 5.3.18 Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). | 8.8 |
| 2019-05-09 | CVE-2017-12790 | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 5.3.18 Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). | 6.5 |
| 2019-05-07 | CVE-2019-7746 | Cross-Site Request Forgery (CSRF) vulnerability in JIO Jmr1140 Firmware Amteljmr1140R12.07 JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmap_auth type=getuser request and then reading the token field. | 8.1 |
| 2019-05-07 | CVE-2018-2001 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management IBM Cram Social Program Management 6.1.1, 6.2.0, 7.0.4, and 7.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2019-05-07 | CVE-2018-13993 | Cross-Site Request Forgery (CSRF) vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | 8.8 |
| 2019-05-06 | CVE-2019-11569 | Cross-Site Request Forgery (CSRF) vulnerability in Veeam ONE Reporter 9.5.0.3201 Veeam ONE Reporter 9.5.0.3201 allows CSRF. | 8.8 |
| 2019-05-06 | CVE-2018-4066 | Cross-Site Request Forgery (CSRF) vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |