Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-13 | CVE-2017-6659 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 11.5(0)/11.6 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2017-06-09 | CVE-2016-7822 | Cross-Site Request Forgery (CSRF) vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7809 | Cross-Site Request Forgery (CSRF) vulnerability in Corega Cg-Wlr300Nx Firmware 1.20 Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. | 8.8 |
| 2017-06-09 | CVE-2016-4909 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors. | 4.3 |
| 2017-06-09 | CVE-2016-4907 | Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors. | 8.8 |
| 2017-06-08 | CVE-2016-9991 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling Selling and Fulfillment Foundation IBM Sterling Order Management 9.2 through 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.0 |
| 2017-06-08 | CVE-2015-1786 | Cross-Site Request Forgery (CSRF) vulnerability in Zend Framework Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers. | 8.8 |
| 2017-06-08 | CVE-2017-9519 | Cross-Site Request Forgery (CSRF) vulnerability in Atmail atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account. | 8.8 |
| 2017-06-08 | CVE-2017-9518 | Cross-Site Request Forgery (CSRF) vulnerability in Atmail atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails. | 8.8 |
| 2017-06-08 | CVE-2017-9517 | Cross-Site Request Forgery (CSRF) vulnerability in Atmail atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV. | 8.8 |