Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-12364 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. | 8.8 |
| 2018-10-17 | CVE-2018-15438 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 12.1 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 6.5 |
| 2018-10-17 | CVE-2018-15402 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Enterprise Network Virtualization Software Nfvis8.0/Nfvis9.0 A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks. | 8.8 |
| 2018-10-17 | CVE-2018-18436 | Cross-Site Request Forgery (CSRF) vulnerability in Jtbc PHP 3.0.0.0 JTBC(PHP) 3.0 allows CSRF for creating an account via the console/account/manage.php?type=action&action=add URI. | 8.8 |
| 2018-10-17 | CVE-2018-18432 | Cross-Site Request Forgery (CSRF) vulnerability in Destoon B2B 7.0 An issue was discovered in DESTOON B2B 7.0. | 8.8 |
| 2018-10-17 | CVE-2018-18422 | Cross-Site Request Forgery (CSRF) vulnerability in Usualtool Usualtoolcms 8.0 UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI. | 8.8 |
| 2018-10-15 | CVE-2018-15539 | Cross-Site Request Forgery (CSRF) vulnerability in Agentejo Cockpit Agentejo Cockpit lacks an anti-CSRF protection mechanism. | 8.8 |
| 2018-10-15 | CVE-2018-18317 | Cross-Site Request Forgery (CSRF) vulnerability in Dscms Project Dscms 1.1 DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI. | 8.8 |
| 2018-10-15 | CVE-2018-18316 | Cross-Site Request Forgery (CSRF) vulnerability in Emlog 6.0.0 emlog v6.0.0 has CSRF via the admin/user.php?action=new URI. | 8.8 |
| 2018-10-11 | CVE-2018-18215 | Cross-Site Request Forgery (CSRF) vulnerability in Youke365 Youke 365 1.1.5 In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account. | 8.8 |