Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-06 | CVE-2018-14978 | Cross-Site Request Forgery (CSRF) vulnerability in Q-Cms Qcms 3.0.1 An issue was discovered in QCMS 3.0.1. | 8.8 |
| 2018-08-06 | CVE-2018-14966 | Cross-Site Request Forgery (CSRF) vulnerability in Emlsoft Project Emlsoft 5.4.5 An issue was discovered in EMLsoft 5.4.5. | 8.8 |
| 2018-08-06 | CVE-2018-14965 | Cross-Site Request Forgery (CSRF) vulnerability in Emlsoft Project Emlsoft 5.4.5 An issue was discovered in EMLsoft 5.4.5. | 8.8 |
| 2018-08-06 | CVE-2018-14963 | Cross-Site Request Forgery (CSRF) vulnerability in Zzcms 8.3. zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI. | 8.8 |
| 2018-08-06 | CVE-2018-14960 | Cross-Site Request Forgery (CSRF) vulnerability in Xiao5Ucompany Project Xiao5Ucompany 1.7 Xiao5uCompany 1.7 has CSRF via admin/Admin.asp. | 8.8 |
| 2018-08-05 | CVE-2018-14959 | Cross-Site Request Forgery (CSRF) vulnerability in Weaselcms Project Weaselcms 0.3.5 An issue was discovered in WeaselCMS v0.3.5. | 8.8 |
| 2018-08-05 | CVE-2018-14958 | Cross-Site Request Forgery (CSRF) vulnerability in Weaselcms Project Weaselcms 0.3.5 An issue was discovered in WeaselCMS v0.3.5. | 8.8 |
| 2018-08-03 | CVE-2018-14926 | Cross-Site Request Forgery (CSRF) vulnerability in Matera Banco 1.0.0 Matera Banco 1.0.0 allows CSRF, as demonstrated by a /contingency/web/messageSend/messageSendHandler.jsp request. | 8.8 |
| 2018-08-03 | CVE-2018-14908 | Cross-Site Request Forgery (CSRF) vulnerability in Samsung Syncthru web Service 4.05.61 Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action. | 8.8 |
| 2018-08-01 | CVE-2018-0413 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |