Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-01-03 CVE-2017-1000499 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness.
network
low complexity
phpmyadmin CWE-352
8.8
2018-01-02 CVE-2017-1000432 Cross-Site Request Forgery (CSRF) vulnerability in Vanillaforums Vanilla Forums
Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting topics and comments from forums Admin access
network
low complexity
vanillaforums CWE-352
8.0
2017-12-30 CVE-2017-17990 Cross-Site Request Forgery (CSRF) vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
network
low complexity
iwcnetwork CWE-352
8.8
2017-12-30 CVE-2017-17982 Cross-Site Request Forgery (CSRF) vulnerability in Muslim Matrimonial Script Project Muslim Matrimonial Script 3.0.3
PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php.
6.8
2017-12-29 CVE-2014-0120 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for requests that run commands on the Karaf server, as demonstrated by running "shutdown -f."
network
low complexity
hawt redhat CWE-352
8.8
2017-12-28 CVE-2017-17960 Cross-Site Request Forgery (CSRF) vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
8.8
2017-12-28 CVE-2017-17939 Cross-Site Request Forgery (CSRF) vulnerability in Single Theater Booking Script Project Single Theater Booking Script 3.2.2
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
8.8
2017-12-28 CVE-2017-17936 Cross-Site Request Forgery (CSRF) vulnerability in Vanguard Project Marketplace Digital products PHP
Vanguard Marketplace Digital Products PHP has CSRF via /search.
network
low complexity
vanguard-project CWE-352
8.8
2017-12-27 CVE-2017-17930 Cross-Site Request Forgery (CSRF) vulnerability in Ordermanagementscript Professional Service Script
PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel.
network
low complexity
ordermanagementscript CWE-352
8.8
2017-12-27 CVE-2017-17908 Cross-Site Request Forgery (CSRF) vulnerability in Responsive Realestate Script Project Responsive Realestate Script 3.3.3
PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general.
8.8