Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-01 | CVE-2018-15702 | Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Wrn841N Firmware 0.9.14.16V0348.0 The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to CSRF due to insufficient validation of the referer field. | 8.8 |
| 2018-10-01 | CVE-2018-17826 | Cross-Site Request Forgery (CSRF) vulnerability in Hisiphp 1.0.8 HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html to add an administrator account. | 8.8 |
| 2018-09-26 | CVE-2018-17081 | Cross-Site Request Forgery (CSRF) vulnerability in E107 2.1.9 e107 2.1.9 allows CSRF via e107_admin/wmessage.php?mode=&action=inline&ajax_used=1&id= for changing the title of an arbitrary page. | 4.3 |
| 2018-09-26 | CVE-2017-15608 | Cross-Site Request Forgery (CSRF) vulnerability in Inedo Proget Inedo ProGet before 5.0 Beta5 has CSRF, allowing an attacker to change advanced settings. | 6.5 |
| 2018-09-26 | CVE-2018-8844 | Cross-Site Request Forgery (CSRF) vulnerability in Philips E-Alert Firmware 2.1/R2.1 Philips e-Alert Unit (non-medical device), Version R2.1 and prior. | 8.8 |
| 2018-09-23 | CVE-2018-17366 | Cross-Site Request Forgery (CSRF) vulnerability in Mcms Project Mcms 4.6.5 An issue was discovered in MCMS 4.6.5. | 8.8 |
| 2018-09-21 | CVE-2018-15612 | Cross-Site Request Forgery (CSRF) vulnerability in Avaya Orchestration Designer 7.1 A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. | 8.8 |
| 2018-09-20 | CVE-2018-6504 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Arcsight Management Center A potential Cross-Site Request Forgery (CSRF) vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 8.8 |
| 2018-09-18 | CVE-2018-13398 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Fisheye The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability. | 6.5 |
| 2018-09-18 | CVE-2018-16952 | Cross-Site Request Forgery (CSRF) vulnerability in Oracle Webcenter Interaction 10.3.3 The Oracle WebCenter Interaction Portal 10.3.3 does not implement protection against Cross-site Request Forgery in its design. | 8.8 |