Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-06-27 | CVE-2008-6836 | Cross-Site Request Forgery (CSRF) vulnerability in Peter Wolanin Openid 5.X1.0/5.X1.1/5.X1.X Cross-site request forgery (CSRF) vulnerability in OpenID 5.x before 5x.-1.2, a module for Drupal, allows remote attackers to hijack the authentication of unspecified victims to delete OpenID identities via unknown vectors. | 6.8 |
| 2009-06-22 | CVE-2009-2150 | Cross-Site Request Forgery (CSRF) vulnerability in Campusvirtualcomputrade Campus Virtual-Lms Multiple cross-site request forgery (CSRF) vulnerabilities in Campus Virtual-LMS allow (1) remote attackers to hijack the authentication of arbitrary users for requests that terminate a session via login/logout.php, and might allow remote attackers to hijack the authentication of certain users via a (2) ADD or (3) DELETE action to enrolments/step2.php. | 6.8 |
| 2009-06-19 | CVE-2009-2129 | Cross-Site Request Forgery (CSRF) vulnerability in Elvinbts 1.2.0 Cross-site request forgery (CSRF) vulnerability in login.php in Elvin 1.2.0 allows remote attackers to hijack the authentication of arbitrary users via a logout action. | 6.8 |
| 2009-06-15 | CVE-2009-2073 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Wrt160N 1.02.2 Cross-site request forgery (CSRF) vulnerability in Linksys WRT160N wireless router hardware 1 and firmware 1.02.2 allows remote attackers to hijack the authentication of other users for unspecified requests via unknown vectors, as demonstrated using administrator privileges and actions. | 6.8 |
| 2009-06-08 | CVE-2009-2005 | Cross-Site Request Forgery (CSRF) vulnerability in Dokeos 1.8.5 Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors. | 6.8 |
| 2009-06-08 | CVE-2008-6832 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira 3.13 Cross-site request forgery (CSRF) vulnerability in Atlassian JIRA Enterprise Edition 3.13 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2009-06-04 | CVE-2008-6823 | Cross-Site Request Forgery (CSRF) vulnerability in A-Link Wl54Ap2 and Wl54Ap3 Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface on the A-LINK WL54AP3 and WL54AP2 access points before firmware 1.4.2-eng1 allow remote attackers to hijack the authentication of administrators for requests that (1) modify the network configuration via certain parameters to goform/formWanTcpipSetup or (2) modify credentials via certain parameters to goform/formPasswordSetup. | 6.8 |
| 2009-05-28 | CVE-2009-1802 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Multiple cross-site request forgery (CSRF) vulnerabilities in FreePBX 2.5.1, and other 2.4.x, 2.5.x, and pre-release 2.6.x versions, allow remote attackers to hijack the authentication of admins for requests that create a new admin account or have unspecified other impact. | 6.8 |
| 2009-05-22 | CVE-2009-1757 | Cross-Site Request Forgery (CSRF) vulnerability in Transmissionbt Transmission Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
| 2009-05-20 | CVE-2009-1733 | Cross-Site Request Forgery (CSRF) vulnerability in Richard Ellerbrock Ipplan 4.91A Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows remote attackers to hijack the authentication of administrators for requests that (1) change the password, (2) add users, or (3) delete users via unknown vectors. | 6.8 |