Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-05-31 | CVE-2016-2285 | Cross-Site Request Forgery (CSRF) vulnerability in Moxa products Cross-site request forgery (CSRF) vulnerability on Moxa MiiNePort_E1_4641 devices with firmware 1.1.10 Build 09120714, MiiNePort_E1_7080 devices with firmware 1.1.10 Build 09120714, MiiNePort_E2_1242 devices with firmware 1.1 Build 10080614, MiiNePort_E2_4561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build 11071409 allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |
| 2016-05-22 | CVE-2016-2157 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle Cross-site request forgery (CSRF) vulnerability in mod/assign/adminmanageplugins.php in Moodle through 2.6.11, 2.7.x before 2.7.13, 2.8.x before 2.8.11, 2.9.x before 2.9.5, and 3.0.x before 3.0.3 allows remote attackers to hijack the authentication of administrators for requests that manage Assignment plugins. | 8.8 |
| 2016-04-30 | CVE-2016-1201 | Cross-Site Request Forgery (CSRF) vulnerability in Lockon Ec-Cube Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to hijack the authentication of administrators. | 8.8 |
| 2016-04-20 | CVE-2016-0891 | Cross-Site Request Forgery (CSRF) vulnerability in EMC Vipr SRM 3.6.0/3.6.4 Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators. | 8.8 |
| 2016-04-08 | CVE-2015-6541 | Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration Server Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users for requests that change account preferences via a SOAP request to service/soap/BatchRequest. | 8.8 |
| 2016-04-06 | CVE-2016-1174 | Cross-Site Request Forgery (CSRF) vulnerability in Hiniarata Casebook Plugin 0.9.2 Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators. | 8.8 |
| 2016-04-06 | CVE-2016-1172 | Cross-Site Request Forgery (CSRF) vulnerability in Hiniarata Casebook Plugin 0.9.2 Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators. | 8.8 |
| 2016-04-06 | CVE-2016-1170 | Cross-Site Request Forgery (CSRF) vulnerability in Hiniarata Casebook Plugin 0.9.2/0.9.3 Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS allows remote attackers to hijack the authentication of administrators. | 8.8 |
| 2016-04-05 | CVE-2016-1175 | Cross-Site Request Forgery (CSRF) vulnerability in Sharp Aquos Hn-Pp150 Firmware 1.02.00.04/1.03.01.04 Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users. | 4.3 |
| 2016-04-01 | CVE-2016-1168 | Cross-Site Request Forgery (CSRF) vulnerability in Aterm Wf800Hp Firmware 1.0.17 Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |