Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-12 | CVE-2017-16886 | Cross-Site Request Forgery (CSRF) vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 6.8 |
| 2018-01-12 | CVE-2016-0335 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Identity Manager Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | 6.8 |
| 2018-01-12 | CVE-2017-16862 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
| 2018-01-12 | CVE-2018-5368 | Cross-Site Request Forgery (CSRF) vulnerability in Srbtranslatin Project Srbtranslatin 1.46 The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php. | 6.8 |
| 2018-01-12 | CVE-2018-5361 | Cross-Site Request Forgery (CSRF) vulnerability in Wpglobus 1.9.6 The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php. | 6.8 |
| 2018-01-11 | CVE-2012-0699 | Cross-Site Request Forgery (CSRF) vulnerability in Haudenschilt Family Connections CMS Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php. | 6.8 |
| 2018-01-10 | CVE-2018-0785 | Cross-Site Request Forgery (CSRF) vulnerability in Microsoft Asp.Net Core 2.0 ASP.NET Core 1.0. | 4.3 |
| 2018-01-08 | CVE-2018-5301 | Cross-Site Request Forgery (CSRF) vulnerability in Magento Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433. | 5.8 |
| 2018-01-08 | CVE-2018-5285 | Cross-Site Request Forgery (CSRF) vulnerability in Wpscoop Imageinject 1.15 The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/options-general.php. | 6.8 |
| 2018-01-04 | CVE-2017-1672 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.6 and 2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |