Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-02-01 CVE-2019-3604 Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Epolicy Orchestrator
Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.
network
low complexity
mcafee CWE-352
8.8
8.8
2019-01-24 CVE-2019-6779 Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1.8
Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete friend links.
network
low complexity
chshcms CWE-352
8.1
8.1
2019-01-24 CVE-2019-1658 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 11.6(1)
A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.
network
low complexity
cisco CWE-352
7.4
7.4
2019-01-23 CVE-2017-17835 Cross-Site Request Forgery (CSRF) vulnerability in Apache Airflow
In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for a remote command injection on a default install of Airflow.
network
low complexity
apache CWE-352
8.8
8.8
2019-01-22 CVE-2019-6510 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-22 CVE-2019-6509 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-22 CVE-2019-6508 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-22 CVE-2019-6507 Cross-Site Request Forgery (CSRF) vulnerability in Creditease-Sec Insight 20180911
An issue was discovered in creditease-sec insight through 2018-09-11.
network
low complexity
creditease-sec CWE-352
8.8
8.8
2019-01-17 CVE-2018-20728 Cross-Site Request Forgery (CSRF) vulnerability in Nedi
A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php.
network
low complexity
nedi CWE-352
8.8
8.8
2019-01-16 CVE-2016-10738 Cross-Site Request Forgery (CSRF) vulnerability in Castlamp Zenbership 107
Zenbership v107 has CSRF via admin/cp-functions/event-add.php.
network
low complexity
castlamp CWE-352
8.8
8.8