Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-07-12 CVE-2018-10895 Cross-Site Request Forgery (CSRF) vulnerability in Qutebrowser
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs.
network
low complexity
qutebrowser CWE-352
8.8
8.8
2018-07-11 CVE-2018-10232 Cross-Site Request Forgery (CSRF) vulnerability in Topdesk 5.7/8.05.001/8.05.016
Cross-site request forgery (CSRF) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to hijack the authentication of authenticated users for requests that can obtain sensitive information via unspecified vectors.
network
low complexity
topdesk CWE-352
6.5
6.5
2018-07-11 CVE-2018-13989 Cross-Site Request Forgery (CSRF) vulnerability in Arcelikas Grundig Smart Inter@Ctive Firmware 3.0
Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device.
network
low complexity
arcelikas CWE-352
8.8
8.8
2018-07-09 CVE-2018-13793 Cross-Site Request Forgery (CSRF) vulnerability in Abbyy Flexicapture
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.
network
low complexity
abbyy CWE-352
8.8
8.8
2018-07-08 CVE-2018-13445 Cross-Site Request Forgery (CSRF) vulnerability in Seacms 6.61
An issue was discovered in SeaCMS 6.61.
network
low complexity
seacms CWE-352
8.8
8.8
2018-07-08 CVE-2018-13444 Cross-Site Request Forgery (CSRF) vulnerability in Seacms 6.61
An issue was discovered in SeaCMS 6.61.
network
low complexity
seacms CWE-352
8.8
8.8
2018-07-07 CVE-2018-11349 Cross-Site Request Forgery (CSRF) vulnerability in Jirafeau
The administration panel of Jirafeau before 3.4.1 is vulnerable to three CSRF attacks on search functionalities: search_by_name, search_by_hash, and search_link.
network
low complexity
jirafeau CWE-352
8.8
8.8
2018-07-06 CVE-2018-13407 Cross-Site Request Forgery (CSRF) vulnerability in Jirafeau
A CSRF issue was discovered in Jirafeau before 3.4.1.
network
low complexity
jirafeau CWE-352
4.9
4.9
2018-07-05 CVE-2018-13340 Cross-Site Request Forgery (CSRF) vulnerability in Gleeztech Gleez CMS 1.2.0
Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request.
network
low complexity
gleeztech CWE-352
8.8
8.8
2018-07-05 CVE-2018-13031 Cross-Site Request Forgery (CSRF) vulnerability in Damicms 6.0.0
DamiCMS v6.0.0 aand 6.1.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account.
network
low complexity
damicms CWE-352
8.8
8.8