Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-06 | CVE-2017-10677 | Cross-Site Request Forgery (CSRF) vulnerability in Linksys Ea4500 Firmware 2.0.36 Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP. | 8.8 |
| 2017-08-06 | CVE-2017-12584 | Cross-Site Request Forgery (CSRF) vulnerability in Slims Senayan Library Management System There is no CSRF mitigation in SLiMS 8 Akasia through 8.3.1. | 8.8 |
| 2017-08-05 | CVE-2017-9863 | Cross-Site Request Forgery (CSRF) vulnerability in SMA products An issue was discovered in SMA Solar Technology products. | 8.8 |
| 2017-08-05 | CVE-2017-12439 | Cross-Site Request Forgery (CSRF) vulnerability in Socusoft Flash Slideshow Maker 5.20 SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file. | 7.5 |
| 2017-08-02 | CVE-2017-2138 | Cross-Site Request Forgery (CSRF) vulnerability in Cs-Cart and Cs-Cart Multivendor Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-07-31 | CVE-2017-11726 | Cross-Site Request Forgery (CSRF) vulnerability in Connectwise Manage 2017.5 services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting. | 8.8 |
| 2017-07-31 | CVE-2017-11648 | Cross-Site Request Forgery (CSRF) vulnerability in Techroutes TR 1803-3G Firmware 2.4.25 Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering. | 8.8 |
| 2017-07-31 | CVE-2016-9716 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-07-31 | CVE-2016-9714 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-07-31 | CVE-2017-9490 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF. | 8.8 |