Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-03	CVE-2018-5073	Cross-Site Request Forgery (CSRF) vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script Online Ticket Booking has CSRF via admin/movieedit.php. network advanced-real-estate-script-project CWE-352	6.0
2018-01-03	CVE-2017-1000479	Cross-Site Request Forgery (CSRF) vulnerability in multiple products pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options header is set. network netgate opnsense-project CWE-352	6.8
2018-01-03	CVE-2017-1000499	Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. network phpmyadmin CWE-352	6.8
2018-01-02	CVE-2017-1000432	Cross-Site Request Forgery (CSRF) vulnerability in Vanillaforums Vanilla Forums Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting topics and comments from forums Admin access network vanillaforums CWE-352	6.0
2017-12-30	CVE-2017-17990	Cross-Site Request Forgery (CSRF) vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0 Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. network iwcnetwork CWE-352	6.8
2017-12-30	CVE-2017-17982	Cross-Site Request Forgery (CSRF) vulnerability in Muslim Matrimonial Script Project Muslim Matrimonial Script 3.0.3 PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php. network muslim-matrimonial-script-project CWE-352	6.0
2017-12-29	CVE-2014-0120	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for requests that run commands on the Karaf server, as demonstrated by running "shutdown -f." network hawt redhat CWE-352	6.8
2017-12-28	CVE-2017-17960	Cross-Site Request Forgery (CSRF) vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php. network php-multivendor-ecommerce-project CWE-352	6.8
2017-12-28	CVE-2017-17939	Cross-Site Request Forgery (CSRF) vulnerability in Single Theater Booking Script Project Single Theater Booking Script 3.2.2 PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php. network single-theater-booking-script-project CWE-352	6.8
2017-12-28	CVE-2017-17936	Cross-Site Request Forgery (CSRF) vulnerability in Vanguard Project Marketplace Digital products PHP Vanguard Marketplace Digital Products PHP has CSRF via /search. network vanguard-project CWE-352	6.8