Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-24 | CVE-2018-10312 | Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0 index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member. | 8.8 |
| 2018-04-23 | CVE-2018-10233 | Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember User Profile & Membership The User Profile & Membership plugin before 2.0.7 for WordPress has no mitigations implemented against cross site request forgery attacks. | 8.8 |
| 2018-04-22 | CVE-2018-10295 | Cross-Site Request Forgery (CSRF) vulnerability in Chemcms Project Chemcms 1.0.6 ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account. | 8.8 |
| 2018-04-22 | CVE-2018-10267 | Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI. | 8.8 |
| 2018-04-22 | CVE-2018-10266 | Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0 BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI. | 8.8 |
| 2018-04-22 | CVE-2018-10265 | Cross-Site Request Forgery (CSRF) vulnerability in Hongcms Project Hongcms 3.0.0 An issue was discovered in HongCMS v3.0.0. | 8.8 |
| 2018-04-20 | CVE-2018-10249 | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 3.0 baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account. | 8.8 |
| 2018-04-20 | CVE-2018-10248 | Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0 An issue was discovered in WUZHI CMS 4.1.0. | 6.5 |
| 2018-04-19 | CVE-2018-0259 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Mate Collector 7.1 A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-04-19 | CVE-2018-0255 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 15.2(5)E A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 8.8 |