Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-11-16 CVE-2018-18794 Cross-Site Request Forgery (CSRF) vulnerability in School Event Management System Project School Event Management System 1.0
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit. 		8.8
8.8
2018-11-16 CVE-2018-18760 Cross-Site Request Forgery (CSRF) vulnerability in Saltos Rhinos 3.0
RhinOS 3.0 build 1190 allows CSRF.
network
low complexity
saltos CWE-352
6.5
6.5
2018-11-15 CVE-2018-19291 Cross-Site Request Forgery (CSRF) vulnerability in Dilicms 2.4.0
An issue was discovered in DiliCMS 2.4.0.
network
low complexity
dilicms CWE-352
6.5
6.5
2018-11-13 CVE-2018-12416 Cross-Site Request Forgery (CSRF) vulnerability in Tibco Datasynapse Gridserver Manager
The GridServer Broker and GridServer Director components of TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an unauthenticated user to perform cross-site request forgery (CSRF).
network
low complexity
tibco CWE-352
8.8
8.8
2018-11-12 CVE-2018-19225 Cross-Site Request Forgery (CSRF) vulnerability in Laobancms 2.0
An issue was discovered in LAOBANCMS 2.0.
network
low complexity
laobancms CWE-352
8.8
8.8
2018-11-12 CVE-2018-19192 Cross-Site Request Forgery (CSRF) vulnerability in Xiaocms 20141229
An issue was discovered in XiaoCms 20141229.
network
low complexity
xiaocms CWE-352
8.8
8.8
2018-11-11 CVE-2018-19135 Cross-Site Request Forgery (CSRF) vulnerability in Clippercms 1.3.3
ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default).
network
low complexity
clippercms CWE-352
8.8
8.8
2018-11-10 CVE-2017-17550 Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Zywall USG 100 Firmware 2.12(Aqq.2)/3.30(Aqq.7)
ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account.
network
low complexity
zyxel CWE-352
8.8
8.8
2018-11-09 CVE-2018-19138 Cross-Site Request Forgery (CSRF) vulnerability in Wstmart 2.0.7
WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI.
network
low complexity
wstmart CWE-352
8.8
8.8
2018-11-08 CVE-2018-15445 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Energy Management Suite Software
A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.
network
low complexity
cisco CWE-352
8.0
8.0