Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-10-17 CVE-2018-15402 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Enterprise Network Virtualization Software Nfvis8.0/Nfvis9.0
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks.
network
cisco CWE-352
6.8
6.8
2018-10-17 CVE-2018-18436 Cross-Site Request Forgery (CSRF) vulnerability in Jtbc PHP 3.0.0.0
JTBC(PHP) 3.0 allows CSRF for creating an account via the console/account/manage.php?type=action&action=add URI.
network
jtbc CWE-352
6.8
6.8
2018-10-17 CVE-2018-18432 Cross-Site Request Forgery (CSRF) vulnerability in Destoon B2B 7.0
An issue was discovered in DESTOON B2B 7.0.
network
destoon CWE-352
6.8
6.8
2018-10-17 CVE-2018-18422 Cross-Site Request Forgery (CSRF) vulnerability in Usualtool Usualtoolcms 8.0
UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/a_adminx.php?x=a URI.
network
usualtool CWE-352
6.8
6.8
2018-10-15 CVE-2018-15539 Cross-Site Request Forgery (CSRF) vulnerability in Agentejo Cockpit
Agentejo Cockpit lacks an anti-CSRF protection mechanism.
network
agentejo CWE-352
6.8
6.8
2018-10-15 CVE-2018-18317 Cross-Site Request Forgery (CSRF) vulnerability in Dscms Project Dscms 1.1
DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI. 		6.8
6.8
2018-10-15 CVE-2018-18316 Cross-Site Request Forgery (CSRF) vulnerability in Emlog 6.0.0
emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.
network
emlog CWE-352
6.8
6.8
2018-10-11 CVE-2018-18215 Cross-Site Request Forgery (CSRF) vulnerability in Youke365 Youke 365 1.1.5
In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account.
network
youke365 CWE-352
6.8
6.8
2018-10-10 CVE-2018-12456 Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Nplug Firmware 1.0.0.14
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
network
intelbras CWE-352
6.8
6.8
2018-10-10 CVE-2018-13800 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Simatic S7-1200 V4 Firmware
A vulnerability has been identified in SIMATIC S7-1200 CPU family version 4 (All versions < V4.2.3).
network
siemens CWE-352
4.9
4.9