Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2005-06-29 CVE-2005-2059 Cross-Site Request Forgery (CSRF) vulnerability in Ubbcentral Ubb.Threads
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) addaddress.php, (2) toggleignore.php, (3) removeignore.php, and (4) removeaddress.php in Infopop UBB.Threads before 6.5.2 Beta allow remote attackers to modify settings as another user via a link or IMG tag.
network
low complexity
ubbcentral CWE-352
6.5
2005-06-09 CVE-2005-1947 Cross-Site Request Forgery (CSRF) vulnerability in Invisioncommunity Gallery
Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attackers to delete albums and images as another user via a link or IMG tag to the (1) albums or (2) delimg actions.
network
low complexity
invisioncommunity CWE-352
4.3
2005-05-19 CVE-2005-1674 Cross-Site Request Forgery (CSRF) vulnerability in Helpcenterlive Help Center Live
Cross-Site Request Forgery (CSRF) vulnerability in Help Center Live allows remote attackers to perform actions as the administrator via a link or IMG tag to view.php.
network
low complexity
helpcenterlive CWE-352
6.5
2004-12-31 CVE-2004-1995 Cross-Site Request Forgery (CSRF) vulnerability in Fusetalk 2.0
Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm.
network
low complexity
fusetalk CWE-352
6.5
2004-12-31 CVE-2004-1842 Cross-Site Request Forgery (CSRF) vulnerability in PHPnuke PHP-Nuke
Cross-site request forgery (CSRF) vulnerability in Php-Nuke 6.x through 7.1.0 allows remote attackers to gain administrative privileges via an img tag with a URL to admin.php.
network
low complexity
phpnuke CWE-352
8.8
2004-07-30 CVE-2004-1703 Cross-Site Request Forgery (CSRF) vulnerability in Fusionphp Fusion News 3.6.1
Fusion News 3.6.1 allows remote attackers to add user accounts, if the administrator is logged in, via a comment that contains an img bbcode tag that calls index.php with the signup action, which is executed when the administrator's browser loads the page with the img tag.
network
low complexity
fusionphp CWE-352
8.8
2004-04-25 CVE-2004-1967 Cross-Site Request Forgery (CSRF) vulnerability in Openbb 1.0.6
Cross-site request forgery (CSRF) vulnerabilities in (1) cp_forums.php, (2) cp_usergroup.php, (3) cp_ipbans.php, (4) myhome.php, (5) post.php, or (6) moderator.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allow remote attackers to execute arbitrary code by including the code in an image tag or a link.
network
low complexity
openbb CWE-352
8.8