Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-09 | CVE-2018-18191 | Cross-Site Request Forgery (CSRF) vulnerability in Finecms 5.4 Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote attackers to change the administrator's password. | 8.8 |
| 2018-10-09 | CVE-2018-2474 | Cross-Site Request Forgery (CSRF) vulnerability in SAP Fiori 1.0 SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintended request to the web server. | 6.5 |
| 2018-10-05 | CVE-2018-15401 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Mediation Fulfillment 11.5(2)/11.5(3)/12.5(1) A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 6.5 |
| 2018-10-05 | CVE-2018-0451 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Tetration Analytics 2.0(2.20)/2.1(1.31) A vulnerability in the web-based management interface of Cisco Tetration Analytics could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-10-05 | CVE-2018-0446 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Network Level Service 1.5(0.128) A vulnerability in the web-based management interface of Cisco Industrial Network Director could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-10-05 | CVE-2018-0445 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Packaged Contact Center Enterprise 11.6(1) A vulnerability in the web-based management interface of Cisco Packaged Contact Center Enterprise could allow an unauthenticated, remote attacker to conduct a CSRF attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-10-05 | CVE-2018-0439 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Meeting Server A vulnerability in the web-based management interface of Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-10-05 | CVE-2018-17986 | Cross-Site Request Forgery (CSRF) vulnerability in Razorcms 3.4.8 rars/user/data in razorCMS 3.4.8 allows CSRF for changing the password of an admin user. | 8.8 |
| 2018-10-03 | CVE-2018-5921 | Cross-Site Request Forgery (CSRF) vulnerability in HP products A potential security vulnerability has been identified with certain HP printers and MFPs in 2405129_000052 and other firmware versions. | 8.8 |
| 2018-10-01 | CVE-2018-17869 | Cross-Site Request Forgery (CSRF) vulnerability in Dasan H660Gw Firmware DASAN H660GW devices do not implement any CSRF protection mechanism. | 8.8 |