Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-17 | CVE-2018-20728 | Cross-Site Request Forgery (CSRF) vulnerability in Nedi A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php. | 6.8 |
| 2019-01-16 | CVE-2016-10738 | Cross-Site Request Forgery (CSRF) vulnerability in Castlamp Zenbership 107 Zenbership v107 has CSRF via admin/cp-functions/event-add.php. | 6.8 |
| 2019-01-15 | CVE-2019-6294 | Cross-Site Request Forgery (CSRF) vulnerability in Easycms 1.5 An issue was discovered in EasyCMS 1.5. | 6.8 |
| 2019-01-13 | CVE-2019-6249 | Cross-Site Request Forgery (CSRF) vulnerability in Hucart 5.7.4 An issue was discovered in HuCart v5.7.4. | 6.8 |
| 2019-01-12 | CVE-2019-6244 | Cross-Site Request Forgery (CSRF) vulnerability in Usualtool Usualtoolcms 8.0 An issue was discovered in UsualToolCMS 8.0. | 6.8 |
| 2019-01-09 | CVE-2018-1000417 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Email Extension Template A cross-site request forgery vulnerability exists in Jenkins Email Extension Template Plugin 1.0 and earlier in ExtEmailTemplateManagement.java that allows creating or removing templates. | 5.8 |
| 2019-01-09 | CVE-2018-1000414 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Config File Provider A cross-site request forgery vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier in ConfigFilesManagement.java, FolderConfigFileAction.java that allows creating and editing configuration file definitions. | 5.8 |
| 2019-01-09 | CVE-2018-1000411 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Junit A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestObject.java that allows setting the description of a test result. | 4.3 |
| 2018-12-30 | CVE-2018-20613 | Cross-Site Request Forgery (CSRF) vulnerability in Temmoku Project Temmoku T1.09 TEMMOKU T1.09 Beta allows admin/user/add CSRF. | 6.8 |
| 2018-12-30 | CVE-2018-20612 | Cross-Site Request Forgery (CSRF) vulnerability in Asthis Universal Website Asthis 2.3.11 UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF. | 6.8 |