Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2018-03-13 CVE-2018-1000092 Cross-Site Request Forgery (CSRF) vulnerability in Cmsmadesimple CMS Made Simple 2.2.5
CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery (CSRF) vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. 		6.8
6.8
2018-03-13 CVE-2018-1000086 Cross-Site Request Forgery (CSRF) vulnerability in NPR Pym.Js
NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function.
network
npr CWE-352
6.8
6.8
2018-03-13 CVE-2018-1000082 Cross-Site Request Forgery (CSRF) vulnerability in Ajenti 2
Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerability in the command execution panel of the tool used to manage the server.
network
ajenti CWE-352
6.8
6.8
2018-03-09 CVE-2016-0272 Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager
Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors.
network
ibm CWE-352
6.0
6.0
2018-03-08 CVE-2018-1442 Cross-Site Request Forgery (CSRF) vulnerability in IBM Monitoring 8.1.4
IBM Application Performance Management - Response Time Monitoring Agent (IBM Monitoring 8.1.4) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
6.8
6.8
2018-03-08 CVE-2017-7641 Cross-Site Request Forgery (CSRF) vulnerability in Qnap Media Streaming Add-On
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections.
network
qnap CWE-352
6.8
6.8
2018-03-08 CVE-2018-0216 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.
network
cisco CWE-352
5.8
5.8
2018-03-08 CVE-2018-0215 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine 2.0(0.234)
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.
network
cisco CWE-352
6.8
6.8
2018-03-08 CVE-2018-0210 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Network Manager 10.4(1.128)/10.4(2)
A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.
network
cisco CWE-352
6.8
6.8
2018-03-07 CVE-2018-7565 Cross-Site Request Forgery (CSRF) vulnerability in Polycom QDX 6000 Firmware
CSRF exists on Polycom QDX 6000 devices.
network
polycom CWE-352
6.8
6.8