Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-02 | CVE-2018-16337 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1.8 An issue was discovered in Cscms V4.1.8. | 6.5 |
| 2018-09-02 | CVE-2018-16332 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.9 An issue was discovered in iCMS 7.0.9. | 8.8 |
| 2018-09-02 | CVE-2018-16331 | Cross-Site Request Forgery (CSRF) vulnerability in Damicms 6.0.0 admin.php?s=/Admin/doedit in DamiCMS v6.0.0 allows CSRF to change the administrator account's password. | 8.8 |
| 2018-09-01 | CVE-2018-16315 | Cross-Site Request Forgery (CSRF) vulnerability in Bijiadao Waimai Super CMS 20150505 In waimai Super Cms 20150505, there is a CSRF vulnerability that can change the configuration via admin.php?m=Config&a=add. | 6.5 |
| 2018-09-01 | CVE-2018-16314 | Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0.11 An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. | 8.8 |
| 2018-08-30 | CVE-2018-11718 | Cross-Site Request Forgery (CSRF) vulnerability in Xovis PC2 Firmware, Pc2R Firmware and PC3 Firmware Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow CSRF. | 8.8 |
| 2018-08-29 | CVE-2018-15121 | Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Aspnet and Aspnet-Owin An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. | 8.8 |
| 2018-08-28 | CVE-2018-15901 | Cross-Site Request Forgery (CSRF) vulnerability in E107 2.1.8 e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators. | 8.8 |
| 2018-08-28 | CVE-2014-6046 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open questions, (3) activate users, (4) publish FAQs, (5) add or delete Glossary, (6) add or delete FAQ news, or (7) add or delete comments or add votes by leveraging lack of a CSRF token. | 8.8 |
| 2018-08-25 | CVE-2018-15851 | Cross-Site Request Forgery (CSRF) vulnerability in Flexocms Project Flexo CMS 0.1.6 An issue was discovered in Flexo CMS v0.1.6. | 8.8 |