Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-04 | CVE-2018-16449 | Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1.141212 OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html. | 4.3 |
| 2018-09-04 | CVE-2018-16448 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.0 Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save. | 6.8 |
| 2018-09-04 | CVE-2018-16447 | Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5 Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. | 6.8 |
| 2018-09-04 | CVE-2018-16431 | Cross-Site Request Forgery (CSRF) vulnerability in Yfcmf 3.0 admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. | 8.8 |
| 2018-09-03 | CVE-2018-16416 | Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.4 Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password. | 6.8 |
| 2018-09-03 | CVE-2018-16387 | Cross-Site Request Forgery (CSRF) vulnerability in Elefantcms An issue was discovered in Elefant CMS before 2.0.5. | 6.8 |
| 2018-09-03 | CVE-2018-16380 | Cross-Site Request Forgery (CSRF) vulnerability in Digimute Ogma CMS 0.4 An issue was discovered in Ogma CMS 0.4 Beta. | 6.8 |
| 2018-09-02 | CVE-2018-16366 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10 An issue was discovered in idreamsoft iCMS V7.0.10. | 6.8 |
| 2018-09-02 | CVE-2018-16365 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10 An issue was discovered in idreamsoft iCMS V7.0.10. | 6.8 |
| 2018-09-02 | CVE-2018-16345 | Cross-Site Request Forgery (CSRF) vulnerability in Easycms 1.5 An issue was discovered in EasyCMS 1.5. | 6.8 |