Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-10 | CVE-2018-12456 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access. | 8.8 |
| 2018-10-10 | CVE-2018-13800 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Simatic S7-1200 V4 Firmware A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3). | 7.3 |
| 2018-10-09 | CVE-2018-18201 | Cross-Site Request Forgery (CSRF) vulnerability in Qibosoft 7.0 qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&action=addmember to add a user account. | 8.8 |
| 2018-10-09 | CVE-2018-17858 | Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla! An issue was discovered in Joomla! before 3.8.13. | 8.8 |
| 2018-10-09 | CVE-2018-18191 | Cross-Site Request Forgery (CSRF) vulnerability in Finecms 5.4 Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote attackers to change the administrator's password. | 8.8 |
| 2018-10-09 | CVE-2018-2474 | Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori 1.0 SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. | 6.5 |
| 2018-10-05 | CVE-2018-15401 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Mediation Fulfillment 11.5(2)/11.5(3)/12.5(1) A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 6.5 |
| 2018-10-05 | CVE-2018-0451 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Tetration Analytics 2.0(2.20)/2.1(1.31) A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-10-05 | CVE-2018-0446 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Network Level Service 1.5(0.128) A vulnerability in the web-based management interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-10-05 | CVE-2018-0445 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Packaged Contact Center Enterprise 11.6(1) A vulnerability in the web-based management interface of Cisco Packaged Contact Center Enterprise could allow an unauthenticated, remote attacker to conduct a CSRF attack and perform arbitrary actions on an affected device. | 8.8 |