Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-07 | CVE-2015-4697 | Cross-Site Request Forgery (CSRF) vulnerability in Sumo Google Analyticator Cross-site request forgery (CSRF) vulnerability in Google Analyticator Wordpress Plugin before 6.4.9.3 rev @1183563. | 8.8 |
| 2017-09-07 | CVE-2015-4619 | Cross-Site Request Forgery (CSRF) vulnerability in Denkgroot Spina Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75. | 8.8 |
| 2017-09-07 | CVE-2014-9565 | Cross-Site Request Forgery (CSRF) vulnerability in IBM En6131 Firmware and Ib6131 Firmware Cross-site request forgery (CSRF) vulnerability in IBM Flex System EN6131 40Gb Ethernet and IB6131 40Gb Infiniband Switch firmware 3.4.0000 and earlier. | 8.8 |
| 2017-09-07 | CVE-2017-12838 | Cross-Site Request Forgery (CSRF) vulnerability in Nexusphp Project Nexusphp 1.5 Cross-site request forgery (CSRF) vulnerability in NexusPHP 1.5 allows remote attackers to hijack the authentication of users for requests that (1) send manas via a request to mybonus.php or (2) add administrators via unspecified vectors. | 8.8 |
| 2017-09-07 | CVE-2017-11567 | Cross-Site Request Forgery (CSRF) vulnerability in Cesanta Mongoose Embedded web Server Library Cross-site request forgery (CSRF) vulnerability in Mongoose Web Server before 6.9 allows remote attackers to hijack the authentication of users for requests that modify Mongoose.conf via a request to __mg_admin?save. | 8.8 |
| 2017-09-05 | CVE-2017-1097 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Emptoris Strategic Supply Management IBM Emptoris Strategic Supply Management Platform 10.0.0.x through 10.1.1.x is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-08-31 | CVE-2017-14048 | Cross-Site Request Forgery (CSRF) vulnerability in Blackcat-Cms Blackcat CMS 1.2 BlackCat CMS 1.2 allows remote authenticated users to inject arbitrary PHP code into info.php via a crafted new_modulename parameter to backend/addons/ajax_create.php. | 8.8 |
| 2017-08-30 | CVE-2017-1442 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Emptoris Services Procurement IBM Emptoris Services Procurement 10.0.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-08-29 | CVE-2016-2965 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sametime IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. | 6.5 |
| 2017-08-29 | CVE-2016-0356 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sametime IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. | 6.5 |