Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-11-01 CVE-2024-10605 Cross-Site Request Forgery (CSRF) vulnerability in Fabianros Blood Bank Management System 1.0
A vulnerability was found in code-projects Blood Bank Management System 1.0.
network
low complexity
fabianros CWE-352
6.5
6.5
2024-10-31 CVE-2024-10557 Cross-Site Request Forgery (CSRF) vulnerability in Fabianros Blood Bank Management System 1.0
A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as problematic.
network
low complexity
fabianros CWE-352
6.5
6.5
2024-10-30 CVE-2024-24777 Cross-Site Request Forgery (CSRF) vulnerability in Level1 Wbr-6012 Firmware R0.40E6
A cross-site request forgery (CSRF) vulnerability exists in the Web Application functionality of the LevelOne WBR-6012 R0.40e6.
network
low complexity
level1 CWE-352
8.8
8.8
2024-10-29 CVE-2024-50466 Cross-Site Request Forgery (CSRF) vulnerability in Darkmysite
Cross-Site Request Forgery (CSRF) vulnerability in DarkMySite DarkMySite – Advanced Dark Mode Plugin for WordPress darkmysite allows Cross Site Request Forgery.This issue affects DarkMySite – Advanced Dark Mode Plugin for WordPress: from n/a through 1.2.8.
network
low complexity
darkmysite CWE-352
8.8
8.8
2024-10-29 CVE-2024-9990 Cross-Site Request Forgery (CSRF) vulnerability in Odude Crypto Tool
The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.15.
network
low complexity
odude CWE-352
8.8
8.8
2024-10-29 CVE-2024-6673 Cross-Site Request Forgery (CSRF) vulnerability in Lollms web UI
A Cross-Site Request Forgery (CSRF) vulnerability exists in the `install_comfyui` endpoint of the `lollms_comfyui.py` file in the parisneo/lollms-webui repository, versions v9.9 to the latest.
network
low complexity
lollms CWE-352
6.5
6.5
2024-10-29 CVE-2024-49672 Cross-Site Request Forgery (CSRF) vulnerability in Google Docs Rsvp Project Google Docs Rsvp
Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn Google Docs RSVP allows Stored XSS.This issue affects Google Docs RSVP: from n/a through 2.0.1.
network
low complexity
google-docs-rsvp-project CWE-352
6.1
6.1
2024-10-29 CVE-2024-46872 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 fail to sanitize user inputs in the frontend that are used for redirection which allows for a one-click client-side path traversal that is leading to CSRF in Playbooks
network
low complexity
mattermost CWE-352
4.6
4.6
2024-10-28 CVE-2024-10448 Cross-Site Request Forgery (CSRF) vulnerability in Fabianros Blood Bank Management System 1.0
A vulnerability, which was classified as problematic, has been found in code-projects Blood Bank Management System 1.0.
network
low complexity
fabianros CWE-352
6.5
6.5
2024-10-25 CVE-2024-9598 The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.99.1.
network
low complexity
CWE-352
8.8
8.8