Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-08 | CVE-2018-0210 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Network Manager 10.4(1.128)/10.4(2) A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
2018-03-07 | CVE-2018-7565 | Cross-Site Request Forgery (CSRF) vulnerability in Polycom QDX 6000 Firmware CSRF exists on Polycom QDX 6000 devices. | 8.8 |
2018-03-07 | CVE-2018-7720 | Cross-Site Request Forgery (CSRF) vulnerability in Cobub Razor 0.7.2 A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation. | 8.8 |
2018-03-07 | CVE-2017-11649 | Cross-Site Request Forgery (CSRF) vulnerability in Draytek Vigorap 910C Firmware 1.2.0 Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to hijack the authentication of unspecified users for requests that enable SNMP on the remote device via vectors involving goform/setSnmp. | 8.8 |
2018-03-06 | CVE-2018-7733 | Cross-Site Request Forgery (CSRF) vulnerability in Yxtcmf 3.1 An issue was discovered in YxtCMF 3.1. | 8.8 |
2018-03-06 | CVE-2018-7307 | Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Auth0.Js The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles the case where the authorization response lacks the state parameter. | 8.8 |
2018-03-01 | CVE-2018-7634 | Cross-Site Request Forgery (CSRF) vulnerability in Enalean Tuleap 9.17 An issue was discovered in Enalean Tuleap 9.17. | 8.8 |
2018-03-01 | CVE-2018-7590 | Cross-Site Request Forgery (CSRF) vulnerability in Hoosk 1.7.0 CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation. | 8.8 |
2018-02-28 | CVE-2016-0295 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Platform Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Platform 9.0, 9.1, 9.2, and 9.5 before 9.5.2 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 8.8 |
2018-02-23 | CVE-2018-0520 | Cross-Site Request Forgery (CSRF) vulnerability in FSI Fs010W Firmware 1.3.0 Cross-site request forgery (CSRF) vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allows an attacker to hijack the authentication of administrators via unspecified vectors. | 8.8 |