Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-10-17 CVE-2018-18432 Cross-Site Request Forgery (CSRF) vulnerability in Destoon B2B 7.0
An issue was discovered in DESTOON B2B 7.0.
network
low complexity
destoon CWE-352
8.8
8.8
2018-10-17 CVE-2018-18422 Cross-Site Request Forgery (CSRF) vulnerability in Usualtool Usualtoolcms 8.0
UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI.
network
low complexity
usualtool CWE-352
8.8
8.8
2018-10-15 CVE-2018-15539 Cross-Site Request Forgery (CSRF) vulnerability in Agentejo Cockpit
Agentejo Cockpit lacks an anti-CSRF protection mechanism.
network
low complexity
agentejo CWE-352
8.8
8.8
2018-10-15 CVE-2018-18317 Cross-Site Request Forgery (CSRF) vulnerability in Dscms Project Dscms 1.1
DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI.
network
low complexity
dscms-project CWE-352
8.8
8.8
2018-10-15 CVE-2018-18316 Cross-Site Request Forgery (CSRF) vulnerability in Emlog 6.0.0
emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.
network
low complexity
emlog CWE-352
8.8
8.8
2018-10-11 CVE-2018-18215 Cross-Site Request Forgery (CSRF) vulnerability in Youke365 Youke 365 1.1.5
In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account.
network
low complexity
youke365 CWE-352
8.8
8.8
2018-10-10 CVE-2018-12456 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Nplug Firmware 1.0.0.14
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
network
low complexity
intelbras CWE-352
8.8
8.8
2018-10-10 CVE-2018-13800 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Simatic S7-1200 V4 Firmware
A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3).
network
low complexity
siemens CWE-352
7.3
7.3
2018-10-09 CVE-2018-18201 Cross-Site Request Forgery (CSRF) vulnerability in Qibosoft 7.0
qibosoft V7.0 allows CSRF via admin/index.php?lfj=member&action=addmember to add a user account.
network
low complexity
qibosoft CWE-352
8.8
8.8
2018-10-09 CVE-2018-17858 Cross-Site Request Forgery (CSRF) vulnerability in Joomla Joomla!
An issue was discovered in Joomla! before 3.8.13.
network
low complexity
joomla CWE-352
8.8
8.8