Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-16 | CVE-2017-6379 | Cross-Site Request Forgery (CSRF) vulnerability in Drupal Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. | 7.5 |
| 2017-03-15 | CVE-2017-6918 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.2.16 CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the admin/settings/update/ page. | 4.3 |
| 2017-03-15 | CVE-2017-6917 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.2.16 CSRF exists in BigTree CMS 4.2.16 with the value parameter to the admin/settings/update/ page. | 4.3 |
| 2017-03-15 | CVE-2017-6916 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.1.8 CSRF exists in BigTree CMS 4.1.18 with the nav-social[#] parameter to the admin/settings/update/ page. | 4.3 |
| 2017-03-15 | CVE-2017-6915 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.1.8 CSRF exists in BigTree CMS 4.1.18 with the colophon parameter to the admin/settings/update/ page. | 4.3 |
| 2017-03-15 | CVE-2017-6914 | Cross-Site Request Forgery (CSRF) vulnerability in Bigtreecms Bigtree CMS 4.1.8/4.2.16 CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to the admin/ajax/users/delete/ page. | 7.1 |
| 2017-03-15 | CVE-2017-6366 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Dgn2200 Firmware Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. | 8.8 |
| 2017-03-14 | CVE-2016-8018 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Virusscan Enterprise Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. | 4.3 |
| 2017-03-13 | CVE-2017-6180 | Cross-Site Request Forgery (CSRF) vulnerability in Keekoonvision Kk002 IP Camera Firmware 1.8.12 Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng (and the entire set of other pages). | 8.8 |
| 2017-03-13 | CVE-2017-6081 | Cross-Site Request Forgery (CSRF) vulnerability in Zammad A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. | 8.8 |