Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-27 | CVE-2018-14603 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. | 8.8 |
| 2018-07-24 | CVE-2018-14583 | Cross-Site Request Forgery (CSRF) vulnerability in Xyhcms 3.5 xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account. | 8.8 |
| 2018-07-24 | CVE-2018-14582 | Cross-Site Request Forgery (CSRF) vulnerability in Bagesoft Bagecms 3.1.3 index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account. | 8.8 |
| 2018-07-24 | CVE-2017-3187 | Cross-Site Request Forgery (CSRF) vulnerability in Dotcms The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery. | 8.8 |
| 2018-07-20 | CVE-2018-14420 | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 6.0.0 MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI. | 8.8 |
| 2018-07-18 | CVE-2018-0402 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Multiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. | 8.8 |
| 2018-07-17 | CVE-2018-14331 | Cross-Site Request Forgery (CSRF) vulnerability in Xiaocms X1 20140305 An issue was discovered in XiaoCms X1 v20140305. | 8.8 |
| 2018-07-15 | CVE-2018-14069 | Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1 An issue was discovered in SRCMS V2.3.1. | 8.8 |
| 2018-07-15 | CVE-2018-14068 | Cross-Site Request Forgery (CSRF) vulnerability in Srcms Project Srcms 2.3.1 An issue was discovered in SRCMS V2.3.1. | 8.8 |
| 2018-07-13 | CVE-2016-6578 | Cross-Site Request Forgery (CSRF) vulnerability in Filecloud CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability. | 8.8 |