Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-22	CVE-2018-11371	Cross-Site Request Forgery (CSRF) vulnerability in Skycaiji 1.2 SkyCaiji 1.2 allows CSRF to add an Administrator user. network low complexity skycaiji CWE-352	8.8
2018-05-21	CVE-2018-11096	Cross-Site Request Forgery (CSRF) vulnerability in Horse Market Sell & Rent Portal Project Horse Market Sell & Rent Portal 1.5.7 Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target's account information remotely. network low complexity horse-market-sell-rent-portal-project CWE-352	6.5
2018-05-21	CVE-2018-11092	Cross-Site Request Forgery (CSRF) vulnerability in Admin Notes Project Admin Notes 1.1 An issue was discovered in the Admin Notes plugin 1.1 for MyBB. network low complexity admin-notes-project CWE-352	6.5
2018-05-17	CVE-2018-1434	Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. network low complexity ibm CWE-352	8.8
2018-05-17	CVE-2018-0270	Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOT Field Network Director 4.2(0.4) A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and alter the data of existing users and groups on an affected device. network low complexity cisco CWE-352	8.8
2018-05-15	CVE-2017-2613	Cross-Site Request Forgery (CSRF) vulnerability in Jenkins jenkins before versions 2.44, 2.32.2 is vulnerable to a user creation CSRF using GET by admins. network low complexity jenkins CWE-352	5.4
2018-05-15	CVE-2018-11127	Cross-Site Request Forgery (CSRF) vulnerability in E107 2.1.7 e107 2.1.7 has CSRF resulting in arbitrary user deletion. network low complexity e107 CWE-352	6.5
2018-05-15	CVE-2018-11126	Cross-Site Request Forgery (CSRF) vulnerability in Doorgets 7.0 dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account. network low complexity doorgets CWE-352	8.8
2018-05-14	CVE-2017-12126	Cross-Site Request Forgery (CSRF) vulnerability in Moxa Edr-810 Firmware 4.1 An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. network low complexity moxa CWE-352	8.8
2018-05-13	CVE-2018-11018	Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.0.7 An issue was discovered in PbootCMS v1.0.7. network low complexity pbootcms CWE-352	8.8