Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-16 | CVE-2018-18760 | Cross-Site Request Forgery (CSRF) vulnerability in Saltos Rhinos 3.0 RhinOS 3.0 build 1190 allows CSRF. | 6.5 |
| 2018-11-15 | CVE-2018-19291 | Cross-Site Request Forgery (CSRF) vulnerability in Dilicms 2.4.0 An issue was discovered in DiliCMS 2.4.0. | 6.5 |
| 2018-11-13 | CVE-2018-12416 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco Datasynapse Gridserver Manager The GridServer Broker and GridServer Director components of TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an unauthenticated user to perform cross-site request forgery (CSRF). | 8.8 |
| 2018-11-12 | CVE-2018-19225 | Cross-Site Request Forgery (CSRF) vulnerability in Laobancms 2.0 An issue was discovered in LAOBANCMS 2.0. | 8.8 |
| 2018-11-12 | CVE-2018-19192 | Cross-Site Request Forgery (CSRF) vulnerability in Xiaocms 20141229 An issue was discovered in XiaoCms 20141229. | 8.8 |
| 2018-11-11 | CVE-2018-19135 | Cross-Site Request Forgery (CSRF) vulnerability in Clippercms 1.3.3 ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). | 8.8 |
| 2018-11-10 | CVE-2017-17550 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Zywall USG 100 Firmware 2.12(Aqq.2)/3.30(Aqq.7) ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. | 8.8 |
| 2018-11-09 | CVE-2018-19138 | Cross-Site Request Forgery (CSRF) vulnerability in Wstmart 2.0.7 WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI. | 8.8 |
| 2018-11-08 | CVE-2018-15445 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Energy Management Suite Software A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.0 |
| 2018-11-08 | CVE-2018-19104 | Cross-Site Request Forgery (CSRF) vulnerability in Bagesoft Bagecms 3.1.3 In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges. | 8.8 |