Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-07-18 CVE-2018-0402 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack.
network
low complexity
cisco CWE-352
8.8
8.8
2018-07-17 CVE-2018-14331 Cross-Site Request Forgery (CSRF) vulnerability in Xiaocms X1 20140305
An issue was discovered in XiaoCms X1 v20140305.
network
low complexity
xiaocms CWE-352
8.8
8.8
2018-07-15 CVE-2018-14069 Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1
An issue was discovered in SRCMS V2.3.1.
network
low complexity
srcms-project CWE-352
8.8
8.8
2018-07-15 CVE-2018-14068 Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1
An issue was discovered in SRCMS V2.3.1.
network
low complexity
srcms-project CWE-352
8.8
8.8
2018-07-13 CVE-2016-6578 Cross-Site Request Forgery (CSRF) vulnerability in Filecloud
CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability.
network
low complexity
filecloud CWE-352
8.8
8.8
2018-07-13 CVE-2016-6557 Cross-Site Request Forgery (CSRF) vulnerability in Asus products
In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user.
network
low complexity
asus CWE-352
8.8
8.8
2018-07-13 CVE-2018-1000206 Cross-Site Request Forgery (CSRF) vulnerability in Jfrog Artifactory
JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user.
network
low complexity
jfrog CWE-352
8.8
8.8
2018-07-13 CVE-2018-14029 Cross-Site Request Forgery (CSRF) vulnerability in Creatiwity Witycms 0.6.2
CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.
network
low complexity
creatiwity CWE-352
8.8
8.8
2018-07-12 CVE-2018-14014 Cross-Site Request Forgery (CSRF) vulnerability in Super CMS Project Super CMS 20150505
In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.
network
low complexity
super-cms-project CWE-352
8.8
8.8
2018-07-12 CVE-2018-12540 Cross-Site Request Forgery (CSRF) vulnerability in Eclipse Vert.X
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter.
network
low complexity
eclipse CWE-352
8.8
8.8