Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE | CVE | VULNERABILITY TITLE | RISK

2018-12-06 | CVE-2018-19923 | Cross-Site Request Forgery (CSRF) vulnerability in Sales & Company Management System Project Sales & Company Management System | 6.8
An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06.

2018-12-05 | CVE-2018-1002103 | Cross-Site Request Forgery (CSRF) vulnerability in Kubernetes Minikube | 6.8
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000.

2018-12-04 | CVE-2018-16634 | Cross-Site Request Forgery (CSRF) vulnerability in Pluck-Cms Pluck 4.7.7 | 6.8
Pluck v4.7.7 allows CSRF via admin.php?action=settings.
network, pluck-cms, CWE-352

2018-11-30 | CVE-2018-7831 | Cross-Site Request Forgery (CSRF) vulnerability in Schneider-Electric products | 4.3
An Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to send a specially crafted URL to a currently authenticated web server user to execute a password change on the web server.

2018-11-30 | CVE-2018-1927 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Storediq | 6.8
IBM StoredIQ 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network, ibm, CWE-352

2018-11-28 | CVE-2018-19621 | Cross-Site Request Forgery (CSRF) vulnerability in Showdoc 2.4.2 | 4.3
server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF that can add members to a team.
network, showdoc, CWE-352

2018-11-27 | CVE-2018-14892 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Nsa325 V2 Firmware 4.81 | 6.8
Missing protections against Cross-Site Request Forgery in the web application in ZyXEL NSA325 V2 version 4.81 allow attackers to perform state-changing actions via crafted HTTP forms.
network, zyxel, CWE-352

2018-11-26 | CVE-2018-16854 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle | 6.8
A flaw was found in moodle versions 3.5 to 3.5.2, 3.4 to 3.4.5, 3.3 to 3.3.8, 3.1 to 3.1.14 and earlier.
network, moodle, CWE-352

2018-11-26 | CVE-2018-19561 | Cross-Site Request Forgery (CSRF) vulnerability in Sikcms 1.1 | 6.8
sikcms 1.1 has CSRF via admin.php?m=Admin&c=Users&a=userAdd to add an administrator account.
network, sikcms, CWE-352

2018-11-26 | CVE-2018-19560 | Cross-Site Request Forgery (CSRF) vulnerability in Bagesoft Bagecms 3.1.3 | critical 9.3
BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account.
network, bagesoft, CWE-352