Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-08 | CVE-2018-16732 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1 \upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save. | 8.8 |
| 2018-09-07 | CVE-2018-0647 | Cross-Site Request Forgery (CSRF) vulnerability in Asus Wl-330Nul Firmware 3.0.0.41 Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2018-09-07 | CVE-2018-16650 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq phpMyFAQ before 2.9.11 allows CSRF. | 8.8 |
| 2018-09-06 | CVE-2018-1000669 | Cross-Site Request Forgery (CSRF) vulnerability in Koha KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Request Forgery (CSRF) vulnerability in /cgi-bin/koha/members/paycollect.pl Parameters affected: borrowernumber, amount, amountoutstanding, paid that can result in Attackers can mark payments as paid for certain users on behalf of Administrators. | 8.8 |
| 2018-09-05 | CVE-2018-16552 | Cross-Site Request Forgery (CSRF) vulnerability in Micropyramid Django CRM 0.2 MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs. | 8.8 |
| 2018-09-05 | CVE-2018-15682 | Cross-Site Request Forgery (CSRF) vulnerability in Btiteam Xbtit 2.5.4 An issue was discovered in BTITeam XBTIT. | 8.8 |
| 2018-09-05 | CVE-2018-14769 | Cross-Site Request Forgery (CSRF) vulnerability in Vivotek Camera VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. | 8.8 |
| 2018-09-04 | CVE-2018-16458 | Cross-Site Request Forgery (CSRF) vulnerability in Baigo CMS 2.1.1 An issue was discovered in baigo CMS v2.1.1. | 6.5 |
| 2018-09-04 | CVE-2018-16449 | Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1.141212 OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html. | 6.5 |
| 2018-09-04 | CVE-2018-16448 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.0 Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save. | 8.8 |