Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-15	CVE-2018-13393	Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Questions for Confluence The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability. network low complexity atlassian CWE-352	6.5
2018-08-14	CVE-2018-2442	Cross-Site Request Forgery (CSRF) vulnerability in SAP products In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid. network low complexity sap CWE-352	8.8
2018-08-14	CVE-2018-7097	Cross-Site Request Forgery (CSRF) vulnerability in HP 3Par Service Provider Sp4.2.0/Sp4.3.0/Sp4.4.0 A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). network low complexity hp CWE-352	8.8
2018-08-10	CVE-2018-14783	Cross-Site Request Forgery (CSRF) vulnerability in Netcommwireless Nwl-25 Firmware 2.0.29.11 NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. network low complexity netcommwireless CWE-352	8.8
2018-08-10	CVE-2018-15187	Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9 PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. network low complexity advanced-real-estate-script-project CWE-352	8.0
2018-08-10	CVE-2018-15186	Cross-Site Request Forgery (CSRF) vulnerability in Chartered Accountant : Auditor Website Project Chartered Accountant : Auditor Website 2.0.1 PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php. network low complexity chartered-accountant CWE-352	8.8
2018-08-08	CVE-2018-15203	Cross-Site Request Forgery (CSRF) vulnerability in Ignitedcms 1.0.0/1.0.1/20170219 An issue was discovered in Ignited CMS through 2017-02-19. network low complexity ignitedcms CWE-352	6.5
2018-08-08	CVE-2018-15202	Cross-Site Request Forgery (CSRF) vulnerability in Juunan06 Ecommerce 20180805 An issue was discovered in Juunan06 eCommerce through 2018-08-05. network low complexity juunan06 CWE-352	6.3
2018-08-08	CVE-2018-15198	Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1 An issue was discovered in OneThink v1.1. network low complexity onethink CWE-352	8.8
2018-08-08	CVE-2018-15197	Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1 An issue was discovered in OneThink v1.1. network low complexity onethink CWE-352	8.8