Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-27 | CVE-2018-14892 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Nsa325 V2 Firmware 4.81 Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms. | 8.8 |
| 2018-11-26 | CVE-2018-16854 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier. | 8.8 |
| 2018-11-26 | CVE-2018-19561 | Cross-Site Request Forgery (CSRF) vulnerability in Sikcms 1.1 sikcms 1.1 has CSRF via admin.php?m=Admin&c=Users&a=userAdd to add an administrator account. | 8.8 |
| 2018-11-26 | CVE-2018-19560 | Cross-Site Request Forgery (CSRF) vulnerability in Bagesoft Bagecms 3.1.3 BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account. | 8.8 |
| 2018-11-26 | CVE-2018-19555 | Cross-Site Request Forgery (CSRF) vulnerability in Tp4A Teleport 3.1.0 tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any password, such as the administrator password. | 8.8 |
| 2018-11-26 | CVE-2018-19545 | Cross-Site Request Forgery (CSRF) vulnerability in Jeecms 9.3 JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user. | 8.8 |
| 2018-11-26 | CVE-2018-19544 | Cross-Site Request Forgery (CSRF) vulnerability in Jeecms 9.3 JEECMS 9.3 has CSRF via the api/admin/content/save URI to add news. | 6.5 |
| 2018-11-20 | CVE-2018-19376 | Cross-Site Request Forgery (CSRF) vulnerability in Greencms 2.3.0603 An issue was discovered in GreenCMS v2.3.0603. | 6.5 |
| 2018-11-20 | CVE-2018-18773 | Cross-Site Request Forgery (CSRF) vulnerability in Control-Webpanel Webpanel CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=rootpwd, as demonstrated by changing the root password. | 8.8 |
| 2018-11-20 | CVE-2018-18772 | Cross-Site Request Forgery (CSRF) vulnerability in Control-Webpanel Webpanel CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.740 allows CSRF via admin/index.php?module=send_ssh, as demonstrated by executing an arbitrary OS command. | 8.8 |