Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-21 | CVE-2017-5959 | Cross-Site Request Forgery (CSRF) vulnerability in Metalgenix Genixcms CSRF token bypass in GeniXCMS before 1.0.2 could result in escalation of privileges. | 9.8 |
| 2017-02-17 | CVE-2016-4315 | Cross-Site Request Forgery (CSRF) vulnerability in Wso2 Carbon 4.4.5 Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp. | 5.7 |
| 2017-02-17 | CVE-2016-4311 | Cross-Site Request Forgery (CSRF) vulnerability in Wso2 Identity Server 5.1.0 Cross-site request forgery (CSRF) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 allows remote attackers to hijack the authentication of privileged users for requests that process XACML requests via an entitlement/eval-policy-submit.jsp request. | 8.8 |
| 2017-02-15 | CVE-2016-6033 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-02-13 | CVE-2017-5169 | Cross-Site Request Forgery (CSRF) vulnerability in Hanwha-Security Smart Security Manager 1.5 An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. | 7.5 |
| 2017-02-13 | CVE-2017-5165 | Cross-Site Request Forgery (CSRF) vulnerability in Binom3 Universal Multifunctional Electric Power Quality Meter Firmware An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. | 7.6 |
| 2017-02-13 | CVE-2017-5145 | Cross-Site Request Forgery (CSRF) vulnerability in Carlosgavazzi Vmu-C EM Firmware and Vmu-C PV Firmware An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. | 10.0 |
| 2017-02-13 | CVE-2016-9365 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products An issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions prior to 2.8, NPort 5400 Series versions prior to 3.11, NPort 5600 Series versions prior to 3.7, NPort 5100A Series & NPort P5150A versions prior to 1.3, NPort 5200A Series versions prior to 1.3, NPort 5150AI-M12 Series versions prior to 1.2, NPort 5250AI-M12 Series versions prior to 1.2, NPort 5450AI-M12 Series versions prior to 1.2, NPort 5600-8-DT Series versions prior to 2.4, NPort 5600-8-DTL Series versions prior to 2.4, NPort 6x50 Series versions prior to 1.13.11, NPort IA5450A versions prior to v1.4. | 8.8 |
| 2017-02-13 | CVE-2016-8369 | Cross-Site Request Forgery (CSRF) vulnerability in Lynxspring Jenesys BAS Bridge 1.1.8 An issue was discovered in Lynxspring JENEsys BAS Bridge versions 1.1.8 and older. | 8.8 |
| 2017-02-13 | CVE-2016-8350 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products An issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. | 6.3 |