Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-26 | CVE-2018-11447 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Scalance M875 Firmware A vulnerability has been identified in SCALANCE M875 (All versions). | 8.8 |
| 2018-06-26 | CVE-2018-1000514 | Cross-Site Request Forgery (CSRF) vulnerability in Limesurvey 3.0.0 LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes. | 4.3 |
| 2018-06-26 | CVE-2018-1000507 | Cross-Site Request Forgery (CSRF) vulnerability in JJJ WP User Groups 2.0.0 WP User Groups version 2.0.0 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in allows anybody to modify user groups and types. | 6.5 |
| 2018-06-26 | CVE-2018-1000506 | Cross-Site Request Forgery (CSRF) vulnerability in Mediaron Metronet TAG Manager 1.2.7 Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page /wp-admin/options-general.php?page=metronet-tag-manager that can result in allows anybody to do almost anything an admin can. | 8.8 |
| 2018-06-26 | CVE-2018-1000505 | Cross-Site Request Forgery (CSRF) vulnerability in Tooltipy 5.0 Tooltipy (tooltips for WP) version 5 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in could allow anybody to duplicate posts. | 6.5 |
| 2018-06-25 | CVE-2018-12603 | Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0 Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114. | 8.8 |
| 2018-06-25 | CVE-2018-12602 | Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0 A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. | 8.8 |
| 2018-06-22 | CVE-2018-12659 | Cross-Site Request Forgery (CSRF) vulnerability in Slims Akasia Project Slims Akasia 8.3.1 SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token parameter. | 8.8 |
| 2018-06-21 | CVE-2018-0365 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0364 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |