Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-15 | CVE-2017-6366 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Dgn2200 Firmware Cross-site request forgery (CSRF) vulnerability in NETGEAR DGN2200 routers with firmware 10.0.0.20 through 10.0.0.50 allows remote attackers to hijack the authentication of users for requests that perform DNS lookups via the host_name parameter to dnslookup.cgi. | 6.8 |
2017-03-14 | CVE-2016-8018 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Virusscan Enterprise Cross-site request forgery (CSRF) vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to execute unauthorized commands via a crafted user input. | 6.0 |
2017-03-13 | CVE-2017-6180 | Cross-Site Request Forgery (CSRF) vulnerability in Keekoonvision Kk002 IP Camera Firmware 1.8.12 Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng (and the entire set of other pages). | 6.8 |
2017-03-13 | CVE-2017-6081 | Cross-Site Request Forgery (CSRF) vulnerability in Zammad A CSRF issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. | 6.8 |
2017-03-13 | CVE-2017-6080 | Cross-Site Request Forgery (CSRF) vulnerability in Zammad An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, caused by lack of a protection mechanism involving HTTP Access-Control headers. | 7.5 |
2017-03-12 | CVE-2017-6819 | Cross-Site Request Forgery (CSRF) vulnerability in Wordpress In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. | 4.3 |
2017-03-07 | CVE-2016-9730 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
2017-03-06 | CVE-2017-6411 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dsl-2730U Firmware In1.00 Cross Site Request Forgery (CSRF) on D-Link DSL-2730U C1 IN_1.00 devices allows remote attackers to change the DNS or firewall configuration or any password. | 8.8 |
2017-03-06 | CVE-2017-5633 | Cross-Site Request Forgery (CSRF) vulnerability in D-Link Di-524 Firmware 9.01 Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (3) possibly have unspecified other impact via crafted requests to CGI programs. | 8.0 |
2017-03-03 | CVE-2015-8814 | Cross-Site Request Forgery (CSRF) vulnerability in Umbraco 7.3.8 Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file. | 6.8 |