Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-25 | CVE-2018-12603 | Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0 Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114. | 8.8 |
| 2018-06-25 | CVE-2018-12602 | Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0 A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. | 8.8 |
| 2018-06-22 | CVE-2018-12659 | Cross-Site Request Forgery (CSRF) vulnerability in Slims Akasia Project Slims Akasia 8.3.1 SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token parameter. | 8.8 |
| 2018-06-21 | CVE-2018-0365 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0364 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0363 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager IM and Presence Service 11.5(1) A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-20 | CVE-2018-6563 | Cross-Site Request Forgery (CSRF) vulnerability in Totemo Encryption Gateway 6.0.0 Multiple cross-site request forgery (CSRF) vulnerabilities in totemomail Encryption Gateway before 6.0.0_Build_371 allow remote attackers to hijack the authentication of users for requests that (1) change user settings, (2) send emails, or (3) change contact information by leveraging lack of an anti-CSRF token. | 8.8 |
| 2018-06-19 | CVE-2018-12583 | Cross-Site Request Forgery (CSRF) vulnerability in Akcms Project Akcms 6.1 An issue was discovered in AKCMS 6.1. | 6.5 |
| 2018-06-19 | CVE-2018-12582 | Cross-Site Request Forgery (CSRF) vulnerability in Akcms Project Akcms 6.1 An issue was discovered in AKCMS 6.1. | 8.8 |
| 2018-06-14 | CVE-2018-12114 | Cross-Site Request Forgery (CSRF) vulnerability in Maccms 10.0 Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts. | 8.8 |