Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-07-03 CVE-2018-11636 Cross-Site Request Forgery (CSRF) vulnerability in Dialogic Powermedia XMS 3.5
Cross-site request forgery (CSRF) vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to execute malicious and unauthorized actions.
network
low complexity
dialogic CWE-352
8.8
8.8
2018-07-02 CVE-2018-13067 Cross-Site Request Forgery (CSRF) vulnerability in Opencart
/upload/catalog/controller/account/password.php in OpenCart through 3.0.2.0 has CSRF via the index.php?route=account/password URI to change a user's password.
network
low complexity
opencart CWE-352
8.8
8.8
2018-07-02 CVE-2018-12574 Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.
network
low complexity
tp-link CWE-352
8.8
8.8
2018-07-02 CVE-2018-12529 Cross-Site Request Forgery (CSRF) vulnerability in Intex N150 Firmware
An issue was discovered on Intex N150 devices.
network
low complexity
intex CWE-352
8.8
8.8
2018-07-01 CVE-2018-13040 Cross-Site Request Forgery (CSRF) vulnerability in Opendesa Opensid 18.06Pasca
OpenSID 18.06-pasca has a CSRF vulnerability.
network
low complexity
opendesa CWE-352
8.8
8.8
2018-07-01 CVE-2018-13032 Cross-Site Request Forgery (CSRF) vulnerability in Ecessa Shieldlink Sl175Ehq Firmware 10.7.4
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.
network
low complexity
ecessa CWE-352
8.8
8.8
2018-06-29 CVE-2018-13010 Cross-Site Request Forgery (CSRF) vulnerability in Wstmall 1.9.1170316
WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&c=Users&a=edit URI to add a user account.
network
low complexity
wstmall CWE-352
8.8
8.8
2018-06-29 CVE-2018-12971 Cross-Site Request Forgery (CSRF) vulnerability in Easycms 1.3
EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users.
network
low complexity
easycms CWE-352
6.5
6.5
2018-06-26 CVE-2018-11447 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
network
low complexity
siemens CWE-352
8.8
8.8
2018-06-26 CVE-2018-1000514 Cross-Site Request Forgery (CSRF) vulnerability in Limesurvey 3.0.0
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes.
network
low complexity
limesurvey CWE-352
4.3
4.3