Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-15 | CVE-2018-8717 | Cross-Site Request Forgery (CSRF) vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0 joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator account via a manager/admin_ajax.php?action=save&tab={pre}manager request. | 8.8 |
| 2018-03-15 | CVE-2018-7701 | Cross-Site Request Forgery (CSRF) vulnerability in Securenvoy Securmail Multiple cross-site request forgery (CSRF) vulnerabilities in SecurEnvoy SecurMail before 9.2.501 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) delete e-mail messages via a delete action in a request to secmail/getmessage.exe or (2) spoof arbitrary users and reply to their messages via a request to secserver/securectrl.exe. | 6.5 |
| 2018-03-14 | CVE-2018-7677 | Cross-Site Request Forgery (CSRF) vulnerability in Netiq Access Manager 4.4 A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. | 8.8 |
| 2018-03-13 | CVE-2018-1000093 | Cross-Site Request Forgery (CSRF) vulnerability in Cryptonote 0.8.9 CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any commands sent to them, resulting in remote command execution and a takeover of the cryptocurrency wallet if an attacker can trick an application such as a web browser into connecting and sending a command for example. | 8.8 |
| 2018-03-13 | CVE-2018-1000092 | Cross-Site Request Forgery (CSRF) vulnerability in Cmsmadesimple CMS Made Simple 2.2.5 CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery (CSRF) vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. | 8.8 |
| 2018-03-13 | CVE-2018-1000086 | Cross-Site Request Forgery (CSRF) vulnerability in NPR Pym.Js NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. | 8.8 |
| 2018-03-13 | CVE-2018-1000082 | Cross-Site Request Forgery (CSRF) vulnerability in Ajenti 2 Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerability in the command execution panel of the tool used to manage the server. | 8.8 |
| 2018-03-09 | CVE-2016-0272 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors. | 8.0 |
| 2018-03-08 | CVE-2018-1442 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Monitoring 8.1.4 IBM Application Performance Management - Response Time Monitoring Agent (IBM Monitoring 8.1.4) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2018-03-08 | CVE-2017-7641 | Cross-Site Request Forgery (CSRF) vulnerability in Qnap Media Streaming Add-On QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections. | 8.8 |