Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-08-29 CVE-2018-15121 Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Aspnet and Aspnet-Owin
An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin.
network
low complexity
auth0 CWE-352
8.8
8.8
2018-08-28 CVE-2018-15901 Cross-Site Request Forgery (CSRF) vulnerability in E107 2.1.8
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
network
low complexity
e107 CWE-352
8.8
8.8
2018-08-28 CVE-2014-6046 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open questions, (3) activate users, (4) publish FAQs, (5) add or delete Glossary, (6) add or delete FAQ news, or (7) add or delete comments or add votes by leveraging lack of a CSRF token.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2018-08-25 CVE-2018-15851 Cross-Site Request Forgery (CSRF) vulnerability in Flexocms Project Flexo CMS 0.1.6
An issue was discovered in Flexo CMS v0.1.6.
network
low complexity
flexocms-project CWE-352
8.8
8.8
2018-08-25 CVE-2018-15850 Cross-Site Request Forgery (CSRF) vulnerability in Redaxo CMS 4.7.2
An issue was discovered in REDAXO CMS 4.7.2.
network
low complexity
redaxo CWE-352
8.8
8.8
2018-08-25 CVE-2018-15849 Cross-Site Request Forgery (CSRF) vulnerability in Portfoliocms Project Portfoliocms 1.0.5
An issue was discovered in portfolioCMS 1.0.5.
network
low complexity
portfoliocms-project CWE-352
4.3
4.3
2018-08-25 CVE-2018-15848 Cross-Site Request Forgery (CSRF) vulnerability in Portfoliocms Project Portfoliocms 1.0.5
An issue was discovered in portfolioCMS 1.0.5.
network
low complexity
portfoliocms-project CWE-352
8.8
8.8
2018-08-25 CVE-2018-15846 Cross-Site Request Forgery (CSRF) vulnerability in Fledrcms Project Fledrcms
An issue was discovered in fledrCMS through 2014-02-03.
network
low complexity
fledrcms-project CWE-352
8.8
8.8
2018-08-25 CVE-2018-15845 Cross-Site Request Forgery (CSRF) vulnerability in Gleezcms Gleez CMS 1.2.0
There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add.
network
low complexity
gleezcms CWE-352
8.8
8.8
2018-08-25 CVE-2018-15844 Cross-Site Request Forgery (CSRF) vulnerability in Damicms 6.0.0
An issue was discovered in DamiCMS 6.0.0.
network
low complexity
damicms CWE-352
8.8
8.8