Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-10 | CVE-2018-15187 | Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.9 PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. | 8.0 |
| 2018-08-10 | CVE-2018-15186 | Cross-Site Request Forgery (CSRF) vulnerability in Chartered Accountant : Auditor Website Project Chartered Accountant : Auditor Website 2.0.1 PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php. | 8.8 |
| 2018-08-08 | CVE-2018-15203 | Cross-Site Request Forgery (CSRF) vulnerability in Ignitedcms 1.0.0/1.0.1/20170219 An issue was discovered in Ignited CMS through 2017-02-19. | 6.5 |
| 2018-08-08 | CVE-2018-15202 | Cross-Site Request Forgery (CSRF) vulnerability in Juunan06 Ecommerce 20180805 An issue was discovered in Juunan06 eCommerce through 2018-08-05. | 6.3 |
| 2018-08-08 | CVE-2018-15198 | Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1 An issue was discovered in OneThink v1.1. | 8.8 |
| 2018-08-08 | CVE-2018-15197 | Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1 An issue was discovered in OneThink v1.1. | 8.8 |
| 2018-08-08 | CVE-2018-15193 | Cross-Site Request Forgery (CSRF) vulnerability in Gogs 0.11.53 A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link. | 8.8 |
| 2018-08-08 | CVE-2018-15177 | Cross-Site Request Forgery (CSRF) vulnerability in Gxlcms 2.0 In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account. | 8.8 |
| 2018-08-08 | CVE-2013-7464 | Cross-Site Request Forgery (CSRF) vulnerability in Csrf-Magic Project Csrf-Magic In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not configured, the Anti-CSRF Token used is predictable and would permit an attacker to bypass the CSRF protections, because an automatically generated secret is not used. | 8.8 |
| 2018-08-06 | CVE-2018-7060 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. | 8.8 |