Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-12-28 | CVE-2017-17936 | Cross-Site Request Forgery (CSRF) vulnerability in Vanguard Project Marketplace Digital products PHP Vanguard Marketplace Digital Products PHP has CSRF via /search. | 8.8 |
| 2017-12-27 | CVE-2017-17930 | Cross-Site Request Forgery (CSRF) vulnerability in Ordermanagementscript Professional Service Script PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. | 8.8 |
| 2017-12-27 | CVE-2017-17908 | Cross-Site Request Forgery (CSRF) vulnerability in Responsive Realestate Script Project Responsive Realestate Script 3.3.3 PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general. | 8.8 |
| 2017-12-27 | CVE-2017-17905 | Cross-Site Request Forgery (CSRF) vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8 PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. | 8.8 |
| 2017-12-27 | CVE-2017-17903 | Cross-Site Request Forgery (CSRF) vulnerability in Fortunescripts Lynda Clone 1.0 FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel. | 8.8 |
| 2017-12-27 | CVE-2017-17894 | Cross-Site Request Forgery (CSRF) vulnerability in Basic JOB Site Script Project Basic JOB Site Script Readymade Job Site Script has CSRF via the /job URI. | 8.8 |
| 2017-12-27 | CVE-2017-17891 | Cross-Site Request Forgery (CSRF) vulnerability in Readymade Video Sharing Script Project Readymade Video Sharing Script 3.2 Readymade Video Sharing Script has CSRF via user-profile-edit.php. | 8.8 |
| 2017-12-21 | CVE-2017-17830 | Cross-Site Request Forgery (CSRF) vulnerability in Doditsolutions BUS Booking Script Bus Booking Script has CSRF via admin/new_master.php. | 6.8 |
| 2017-12-21 | CVE-2017-17827 | Cross-Site Request Forgery (CSRF) vulnerability in Piwigo 2.9.2 Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration§ion=main or /admin.php?page=batch_manager&mode=unit. | 8.8 |
| 2017-12-20 | CVE-2017-5263 | Cross-Site Request Forgery (CSRF) vulnerability in Cambiumnetworks products Versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware lack CSRF controls that can mitigate the effects of CSRF attacks, which are most typically implemented as randomized per-session tokens associated with any web application function, especially destructive ones. | 8.0 |