Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-16 | CVE-2018-19318 | Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 3.0.0 SRCMS 3.0.0 allows CSRF via admin.php?m=Admin&c=manager&a=update to change the username and password of the super administrator account. | 8.8 |
| 2018-11-16 | CVE-2018-18799 | Cross-Site Request Forgery (CSRF) vulnerability in School Attendance Monitoring System Project School Attendance Monitoring System 1.0 School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos. | 8.8 |
| 2018-11-16 | CVE-2018-18797 | Cross-Site Request Forgery (CSRF) vulnerability in School Attendance Monitoring System Project School Attendance Monitoring System 1.0 School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php. | 8.8 |
| 2018-11-16 | CVE-2018-18794 | Cross-Site Request Forgery (CSRF) vulnerability in School Event Management System Project School Event Management System 1.0 School Event Management System 1.0 allows CSRF via user/controller.php?action=edit. | 8.8 |
| 2018-11-16 | CVE-2018-18760 | Cross-Site Request Forgery (CSRF) vulnerability in Saltos Rhinos 3.0 RhinOS 3.0 build 1190 allows CSRF. | 6.5 |
| 2018-11-15 | CVE-2018-19291 | Cross-Site Request Forgery (CSRF) vulnerability in Dilicms 2.4.0 An issue was discovered in DiliCMS 2.4.0. | 6.5 |
| 2018-11-13 | CVE-2018-12416 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco Datasynapse Gridserver Manager The GridServer Broker and GridServer Director components of TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an unauthenticated user to perform cross-site request forgery (CSRF). | 8.8 |
| 2018-11-12 | CVE-2018-19225 | Cross-Site Request Forgery (CSRF) vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. | 8.8 |
| 2018-11-12 | CVE-2018-19192 | Cross-Site Request Forgery (CSRF) vulnerability in Xiaocms 20141229 An issue was discovered in XiaoCms 20141229. | 8.8 |
| 2018-11-11 | CVE-2018-19135 | Cross-Site Request Forgery (CSRF) vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). | 8.8 |