Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-10 | CVE-2017-17550 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Zywall USG 100 Firmware 2.12(Aqq.2)/3.30(Aqq.7) ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. | 8.8 |
| 2018-11-09 | CVE-2018-19138 | Cross-Site Request Forgery (CSRF) vulnerability in Wstmart 2.0.7 WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI. | 8.8 |
| 2018-11-08 | CVE-2018-15445 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Energy Management Suite Software A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.0 |
| 2018-11-08 | CVE-2018-19104 | Cross-Site Request Forgery (CSRF) vulnerability in Bagesoft Bagecms 3.1.3 In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges. | 8.8 |
| 2018-11-06 | CVE-2018-12415 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco Enterprise Message Service The Central Administration server (emsca) component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. | 8.8 |
| 2018-11-06 | CVE-2018-12414 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco products The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), and Rendezvous Daemon Manager (rvdm) components of TIBCO Software Inc.'s TIBCO Rendezvous, TIBCO Rendezvous Developer Edition, TIBCO Rendezvous for z/Linux, TIBCO Rendezvous for z/OS, TIBCO Rendezvous Network Server, TIBCO Substation ES contain vulnerabilities which may allow an attacker to perform cross-site request forgery (CSRF) attacks. | 8.8 |
| 2018-11-06 | CVE-2018-12413 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco Messaging - Apache Kafka Distribution - Schema Repository 1.0.0 The Schema repository server (tibschemad) component of TIBCO Software Inc.'s TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. | 8.8 |
| 2018-11-06 | CVE-2018-12412 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco FTL The realm server (tibrealmserver) component of TIBCO Software Inc. | 8.8 |
| 2018-11-06 | CVE-2018-12411 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco Activespaces The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. | 8.8 |
| 2018-11-05 | CVE-2018-18935 | Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1 An issue was discovered in PopojiCMS v2.0.1. | 8.8 |