Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2017-05-12 CVE-2016-4876 Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators to execute arbitrary PHP code via unspecified vectors.
network
low complexity
basercms CWE-352
8.8
2017-05-11 CVE-2016-9092 Cross-Site Request Forgery (CSRF) vulnerability in Symantec Content Analysis and Mail Threat Defense
The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability.
network
low complexity
symantec CWE-352
8.8
2017-05-10 CVE-2016-5889 Cross-Site Request Forgery (CSRF) vulnerability in IBM Interact
IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2017-05-10 CVE-2017-8875 Cross-Site Request Forgery (CSRF) vulnerability in Codection Clean Login 1.7.12
CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL.
network
low complexity
codection CWE-352
6.5
2017-05-10 CVE-2017-8874 Cross-Site Request Forgery (CSRF) vulnerability in Acquia Mautic 1.4.1
Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.
network
low complexity
acquia CWE-352
8.8
2017-05-10 CVE-2017-5891 Cross-Site Request Forgery (CSRF) vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.
network
low complexity
asus CWE-352
8.8
2017-05-08 CVE-2017-8848 Cross-Site Request Forgery (CSRF) vulnerability in Allen Disk Project Allen Disk 1.6
Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password.
network
low complexity
allen-disk-project CWE-352
6.5
2017-05-03 CVE-2017-7431 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.
network
low complexity
novell netiq CWE-352
8.8
2017-04-28 CVE-2017-1194 Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
2017-04-28 CVE-2017-2102 Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0
Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
ipa CWE-352
8.8