Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-11-06 CVE-2018-12415 Cross-Site Request Forgery (CSRF) vulnerability in Tibco Enterprise Message Service
The Central Administration server (emsca) component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.
network
tibco CWE-352
6.8
6.8
2018-11-06 CVE-2018-12414 Cross-Site Request Forgery (CSRF) vulnerability in Tibco products
The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), and Rendezvous Daemon Manager (rvdm) components of TIBCO Software Inc.'s TIBCO Rendezvous, TIBCO Rendezvous Developer Edition, TIBCO Rendezvous for z/Linux, TIBCO Rendezvous for z/OS, TIBCO Rendezvous Network Server, TIBCO Substation ES contain vulnerabilities which may allow an attacker to perform cross-site request forgery (CSRF) attacks.
network
tibco CWE-352
6.8
6.8
2018-11-06 CVE-2018-12413 Cross-Site Request Forgery (CSRF) vulnerability in Tibco Messaging - Apache Kafka Distribution - Schema Repository 1.0.0
The Schema repository server (tibschemad) component of TIBCO Software Inc.'s TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.
network
tibco CWE-352
6.8
6.8
2018-11-06 CVE-2018-12412 Cross-Site Request Forgery (CSRF) vulnerability in Tibco FTL
The realm server (tibrealmserver) component of TIBCO Software Inc.
network
tibco CWE-352
6.8
6.8
2018-11-06 CVE-2018-12411 Cross-Site Request Forgery (CSRF) vulnerability in Tibco Activespaces
The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.
network
tibco CWE-352
6.8
6.8
2018-11-05 CVE-2018-18935 Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1
An issue was discovered in PopojiCMS v2.0.1.
network
popojicms CWE-352
6.8
6.8
2018-11-05 CVE-2018-18934 Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1
An issue was discovered in PopojiCMS v2.0.1.
network
low complexity
popojicms CWE-352
7.5
7.5
2018-11-01 CVE-2018-6907 Cross-Site Request Forgery (CSRF) vulnerability in Rainmachine web Application
A Cross Site Request Forgery (CSRF) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to control the RainMachine device via the REST API. 		6.8
6.8
2018-10-30 CVE-2018-18842 Cross-Site Request Forgery (CSRF) vulnerability in Zblogcn Z-Blogphp 1.5.2.1935(Zero)
CSRF exists in zb_users/plugin/AppCentre/theme.js.php in Z-BlogPHP 1.5.2.1935 (Zero), which allows remote attackers to execute arbitrary PHP code.
network
zblogcn CWE-352
6.8
6.8
2018-10-29 CVE-2018-18742 Cross-Site Request Forgery (CSRF) vulnerability in Sem-Cms Semcms 3.4
A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.
network
sem-cms CWE-352
6.8
6.8