Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-04-27 CVE-2018-10503 Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 41420170105
An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105.
network
low complexity
baijiacms-project CWE-352
8.8
2018-04-27 CVE-2018-1479 Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Platform
IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2018-04-24 CVE-2018-10312 Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0
index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member.
network
low complexity
wuzhicms CWE-352
8.8
2018-04-23 CVE-2018-10233 Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember User Profile & Membership
The User Profile & Membership plugin before 2.0.7 for WordPress has no mitigations implemented against cross site request forgery attacks.
network
low complexity
ultimatemember CWE-352
8.8
2018-04-22 CVE-2018-10295 Cross-Site Request Forgery (CSRF) vulnerability in Chemcms Project Chemcms 1.0.6
ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account.
network
low complexity
chemcms-project CWE-352
8.8
2018-04-22 CVE-2018-10267 Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0
WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI.
network
low complexity
wtcms-project CWE-352
8.8
2018-04-22 CVE-2018-10266 Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0
BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI.
network
low complexity
beescms CWE-352
8.8
2018-04-22 CVE-2018-10265 Cross-Site Request Forgery (CSRF) vulnerability in Hongcms Project Hongcms 3.0.0
An issue was discovered in HongCMS v3.0.0.
network
low complexity
hongcms-project CWE-352
8.8
2018-04-20 CVE-2018-10249 Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 3.0
baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.
network
low complexity
baijiacms-project CWE-352
8.8
2018-04-20 CVE-2018-10248 Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0
An issue was discovered in WUZHI CMS 4.1.0.
network
low complexity
wuzhicms CWE-352
6.5