Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-7404 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-615 20.12Ptb01 On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). | 8.8 |
| 2017-07-07 | CVE-2017-4998 | Cross-Site Request Forgery (CSRF) vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. | 8.8 |
| 2017-07-03 | CVE-2017-5943 | Cross-Site Request Forgery (CSRF) vulnerability in Bestpractical Request Tracker Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 allows remote attackers to obtain sensitive information about cross-site request forgery (CSRF) verification tokens via a crafted URL. | 8.8 |
| 2017-06-30 | CVE-2017-6042 | Cross-Site Request Forgery (CSRF) vulnerability in Sierra Wireless products A Cross-Site Request Forgery issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, all versions prior to 4.0.11. | 8.8 |
| 2017-06-30 | CVE-2017-6038 | Cross-Site Request Forgery (CSRF) vulnerability in Belden Hirschmann Gecko Lite Managed Switch Firmware A Cross-Site Request Forgery issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. | 7.1 |
| 2017-06-29 | CVE-2017-10681 | Cross-Site Request Forgery (CSRF) vulnerability in Piwigo Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to unlock albums via a crafted request. | 8.8 |
| 2017-06-29 | CVE-2017-10680 | Cross-Site Request Forgery (CSRF) vulnerability in Piwigo Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to change a private album to public via a crafted request. | 8.8 |
| 2017-06-29 | CVE-2017-10678 | Cross-Site Request Forgery (CSRF) vulnerability in Piwigo Cross-site request forgery (CSRF) vulnerability in Piwigo through 2.9.1 allows remote attackers to hijack the authentication of users for requests to delete permalinks via a crafted request. | 8.8 |
| 2017-06-29 | CVE-2017-5528 | Cross-Site Request Forgery (CSRF) vulnerability in Tibco products Multiple JasperReports Server components contain vulnerabilities which may allow authorized users to perform cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. | 8.8 |
| 2017-06-27 | CVE-2017-6086 | Cross-Site Request Forgery (CSRF) vulnerability in Vimbadmin 3.0.15 Multiple cross-site request forgery (CSRF) vulnerabilities in the addAction and purgeAction functions in ViMbAdmin 3.0.15 allow remote attackers to hijack the authentication of logged administrators to (1) add an administrator user via a crafted POST request to <vimbadmin directory>/application/controllers/DomainController.php, (2) remove an administrator user via a crafted GET request to <vimbadmin directory>/application/controllers/DomainController.php, (3) change an administrator password via a crafted POST request to <vimbadmin directory>/application/controllers/DomainController.php, (4) add a mailbox via a crafted POST request to <vimbadmin directory>/application/controllers/MailboxController.php, (5) delete a mailbox via a crafted POST request to <vimbadmin directory>/application/controllers/MailboxController.php, (6) archive a mailbox address via a crafted GET request to <vimbadmin directory>/application/controllers/ArchiveController.php, (7) add an alias address via a crafted POST request to <vimbadmin directory>/application/controllers/AliasController.php, or (8) remove an alias address via a crafted GET request to <vimbadmin directory>/application/controllers/AliasController.php. | 8.8 |