Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-11-06 CVE-2018-12413 Cross-Site Request Forgery (CSRF) vulnerability in Tibco Messaging - Apache Kafka Distribution - Schema Repository 1.0.0
The Schema repository server (tibschemad) component of TIBCO Software Inc.'s TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.
network
low complexity
tibco CWE-352
8.8
2018-11-06 CVE-2018-12412 Cross-Site Request Forgery (CSRF) vulnerability in Tibco FTL
The realm server (tibrealmserver) component of TIBCO Software Inc.
network
low complexity
tibco CWE-352
8.8
2018-11-06 CVE-2018-12411 Cross-Site Request Forgery (CSRF) vulnerability in Tibco Activespaces
The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.
network
low complexity
tibco CWE-352
8.8
2018-11-05 CVE-2018-18935 Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1
An issue was discovered in PopojiCMS v2.0.1.
network
low complexity
popojicms CWE-352
8.8
2018-11-01 CVE-2018-6907 Cross-Site Request Forgery (CSRF) vulnerability in Rainmachine web Application
A Cross Site Request Forgery (CSRF) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to control the RainMachine device via the REST API.
network
low complexity
rainmachine CWE-352
8.8
2018-10-30 CVE-2018-18842 Cross-Site Request Forgery (CSRF) vulnerability in Zblogcn Z-Blogphp 1.5.2.1935(Zero)
CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP 1.5.2.1935 (Zero), which allows remote attackers to execute arbitrary PHP code.
network
low complexity
zblogcn CWE-352
8.8
2018-10-29 CVE-2018-18742 Cross-Site Request Forgery (CSRF) vulnerability in Sem-Cms Semcms 3.4
A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.
network
low complexity
sem-cms CWE-352
8.8
2018-10-29 CVE-2018-18735 Cross-Site Request Forgery (CSRF) vulnerability in Catfish-Cms Catfish Blog 2.0.33
A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33.
network
low complexity
catfish-cms CWE-352
8.8
2018-10-29 CVE-2018-18734 Cross-Site Request Forgery (CSRF) vulnerability in Catfish-Cms Catfish CMS 4.8.30
A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30.
network
low complexity
catfish-cms CWE-352
8.8
2018-10-29 CVE-2018-18712 Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms 4.1.0
An issue was discovered in WUZHI CMS 4.1.0.
network
low complexity
wuzhicms CWE-352
8.8