Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-13 | CVE-2017-6180 | Cross-Site Request Forgery (CSRF) vulnerability in Keekoonvision Kk002 IP Camera Firmware 1.8.12 Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng (and the entire set of other pages). | 8.8 |
| 2017-03-13 | CVE-2017-6081 | Cross-Site Request Forgery (CSRF) vulnerability in Zammad A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. | 8.8 |
| 2017-03-13 | CVE-2017-6080 | Cross-Site Request Forgery (CSRF) vulnerability in Zammad An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. | 9.8 |
| 2017-03-12 | CVE-2017-6819 | Cross-Site Request Forgery (CSRF) vulnerability in Wordpress In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. | 6.5 |
| 2017-03-07 | CVE-2016-9730 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2017-03-06 | CVE-2017-6411 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2730U Firmware In1.00 Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. | 8.8 |
| 2017-03-06 | CVE-2017-5633 | Cross-Site Request Forgery (CSRF) vulnerability in D-Link Di-524 Firmware 9.01 Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. | 8.0 |
| 2017-03-03 | CVE-2015-8814 | Cross-Site Request Forgery (CSRF) vulnerability in Umbraco 7.3.8 Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file. | 8.8 |
| 2017-03-03 | CVE-2016-10206 | Cross-Site Request Forgery (CSRF) vulnerability in Zoneminder Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php. | 8.8 |
| 2017-02-27 | CVE-2017-2682 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Ruggedcom Network Management Software 2.0.2 The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request. | 8.8 |