Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-05-08 | CVE-2017-8848 | Cross-Site Request Forgery (CSRF) vulnerability in Allen Disk Project Allen Disk 1.6 Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password. | 4.3 |
2017-05-03 | CVE-2017-7431 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management. | 8.8 |
2017-04-28 | CVE-2017-1194 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
2017-04-28 | CVE-2017-2102 | Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0 Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 6.8 |
2017-04-28 | CVE-2017-2097 | Cross-Site Request Forgery (CSRF) vulnerability in Support-Project Knowledge Cross-site request forgery (CSRF) vulnerability in Knowledge versions prior to v1.7.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 6.8 |
2017-04-24 | CVE-2017-8101 | Cross-Site Request Forgery (CSRF) vulnerability in S9Y Serendipity 2.0.5 There is CSRF in Serendipity 2.0.5, allowing attackers to install any themes via a GET request. | 6.8 |
2017-04-24 | CVE-2017-8100 | Cross-Site Request Forgery (CSRF) vulnerability in Artistscope Copysafe web Protection There is CSRF in the CopySafe Web Protection plugin before 2.6 for WordPress, allowing attackers to change plugin settings. | 4.3 |
2017-04-24 | CVE-2017-8099 | Cross-Site Request Forgery (CSRF) vulnerability in Browserweb INC Whizz There is CSRF in the WHIZZ plugin before 1.1.1 for WordPress, allowing attackers to delete any WordPress users and change the plugin's status via a GET request. | 5.8 |
2017-04-24 | CVE-2017-8098 | Cross-Site Request Forgery (CSRF) vulnerability in E107 2.1.4 e107 2.1.4 is vulnerable to cross-site request forgery in plugin-installing, meta-changing, and settings-changing. | 4.3 |
2017-04-24 | CVE-2016-3691 | Cross-Site Request Forgery (CSRF) vulnerability in Kallithea-Scm Kallithea 0.1/0.2/0.3.1 Routes in Kallithea before 0.3.2 allows remote attackers to bypass the CSRF protection by using the GET HTTP request method. | 6.8 |