Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-12-21 CVE-2021-4275 Cross-Site Request Forgery (CSRF) vulnerability in Pyambic-Pentameter Project Pyambic-Pentameter
A vulnerability, which was classified as problematic, was found in katlings pyambic-pentameter.
network
low complexity
pyambic-pentameter-project CWE-352
8.8
8.8
2022-12-21 CVE-2020-36622 Cross-Site Request Forgery (CSRF) vulnerability in Bienlein Project Bienlein
A vulnerability was found in sah-comp bienlein and classified as problematic.
network
low complexity
bienlein-project CWE-352
6.5
6.5
2022-12-21 CVE-2020-36623 Cross-Site Request Forgery (CSRF) vulnerability in Pengu Project Pengu
A vulnerability was found in Pengu.
network
low complexity
pengu-project CWE-352
6.5
6.5
2022-12-21 CVE-2021-4268 Cross-Site Request Forgery (CSRF) vulnerability in PHPredisadmin Project PHPredisadmin
A vulnerability, which was classified as problematic, was found in phpRedisAdmin up to 1.17.3.
network
low complexity
phpredisadmin-project CWE-352
8.8
8.8
2022-12-19 CVE-2022-4125 Cross-Site Request Forgery (CSRF) vulnerability in Popup Manager Project Popup Manager 1.6.6
The Popup Manager WordPress plugin through 1.6.6 does not have authorisation and CSRF check when creating/updating popups, and is missing sanitisation as well as escaping, which could allow unauthenticated attackers to create arbitrary popups and add Stored XSS payloads as well
network
low complexity
popup-manager-project CWE-352
4.3
4.3
2022-12-14 CVE-2022-46074 Cross-Site Request Forgery (CSRF) vulnerability in Helmet Store Showroom Project Helmet Store Showroom 1.0
Helmet Store Showroom 1.0 is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
helmet-store-showroom-project CWE-352
8.8
8.8
2022-12-13 CVE-2022-46062 Cross-Site Request Forgery (CSRF) vulnerability in GYM Management System Project GYM Management System 0.0.1
Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
gym-management-system-project CWE-352
4.5
4.5
2022-12-13 CVE-2022-46059 Cross-Site Request Forgery (CSRF) vulnerability in Aerocms Project Aerocms 0.0.1
AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
aerocms-project CWE-352
6.5
6.5
2022-12-12 CVE-2022-3853 Cross-Site Request Forgery (CSRF) vulnerability in Supra-Csv-Parser Project Supra-Csv-Parser 4.0.3
Cross-site Scripting (XSS) is a client-side code injection attack.
network
low complexity
supra-csv-parser-project CWE-352
5.4
5.4
2022-12-12 CVE-2022-45980 Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn
Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet .
network
low complexity
tenda CWE-352
8.8
8.8