Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-05 | CVE-2018-10758 | Cross-Site Request Forgery (CSRF) vulnerability in Datenstrom Yellow 0.7.3 The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action that can delete articles. | 6.5 |
| 2018-05-03 | CVE-2018-10166 | Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link EAP Controller 2.5.4/2.6.0 The web management interface in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows does not have Anti-CSRF tokens in any forms. | 8.8 |
| 2018-05-01 | CVE-2013-0185 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Manageiq Enterprise Virtualization Manager Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | 8.8 |
| 2018-04-27 | CVE-2018-10503 | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 41420170105 An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. | 8.8 |
| 2018-04-27 | CVE-2018-1479 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Platform IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2018-04-24 | CVE-2018-10312 | Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0 index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member. | 8.8 |
| 2018-04-23 | CVE-2018-10233 | Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember User Profile & Membership The User Profile & Membership plugin before 2.0.7 for WordPress has no mitigations implemented against cross site request forgery attacks. | 8.8 |
| 2018-04-22 | CVE-2018-10295 | Cross-Site Request Forgery (CSRF) vulnerability in Chemcms Project Chemcms 1.0.6 ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account. | 8.8 |
| 2018-04-22 | CVE-2018-10267 | Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI. | 8.8 |
| 2018-04-22 | CVE-2018-10266 | Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0 BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI. | 8.8 |