Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-09-10 CVE-2016-7067 Cross-Site Request Forgery (CSRF) vulnerability in Mmonit Monit
Monit before version 5.20.0 is vulnerable to a cross site request forgery attack.
network
low complexity
mmonit CWE-352
6.5
6.5
2018-09-08 CVE-2018-16732 Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1
\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save.
network
chshcms CWE-352
6.8
6.8
2018-09-07 CVE-2018-0647 Cross-Site Request Forgery (CSRF) vulnerability in Asus Wl-330Nul Firmware 3.0.0.41
Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
asus CWE-352
6.8
6.8
2018-09-07 CVE-2018-16650 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
phpMyFAQ before 2.9.11 allows CSRF.
network
phpmyfaq CWE-352
6.8
6.8
2018-09-06 CVE-2018-1000669 Cross-Site Request Forgery (CSRF) vulnerability in Koha
KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Request Forgery (CSRF) vulnerability in /cgi-bin/koha/members/paycollect.pl Parameters affected: borrowernumber, amount, amountoutstanding, paid that can result in Attackers can mark payments as paid for certain users on behalf of Administrators.
network
koha CWE-352
6.8
6.8
2018-09-05 CVE-2018-16552 Cross-Site Request Forgery (CSRF) vulnerability in Micropyramid Django CRM 0.2
MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs. 		6.8
6.8
2018-09-05 CVE-2018-15682 Cross-Site Request Forgery (CSRF) vulnerability in Btiteam Xbtit 2.5.4
An issue was discovered in BTITeam XBTIT.
network
btiteam CWE-352
6.8
6.8
2018-09-05 CVE-2018-15677 Cross-Site Request Forgery (CSRF) vulnerability in Btiteam Xbtit 2.5.4
The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item.
network
btiteam CWE-352
4.3
4.3
2018-09-05 CVE-2018-14769 Cross-Site Request Forgery (CSRF) vulnerability in Vivotek Camera
VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF.
network
vivotek CWE-352
6.8
6.8
2018-09-04 CVE-2018-16458 Cross-Site Request Forgery (CSRF) vulnerability in Baigo CMS 2.1.1
An issue was discovered in baigo CMS v2.1.1.
network
baigo CWE-352
4.3
4.3