Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-02 | CVE-2022-45668 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda I22 Firmware 1.0.0.3(4687) Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |
| 2022-12-02 | CVE-2022-45673 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda AC6 Firmware 15.03.05.19 Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | 6.5 |
| 2022-12-02 | CVE-2022-45674 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda AC6 Firmware 15.03.05.19 Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |
| 2022-12-01 | CVE-2022-41297 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2022-12-01 | CVE-2022-40489 | Cross-Site Request Forgery (CSRF) vulnerability in Thinkcmf 6.0.7 ThinkCMF version 6.0.7 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows a Super Administrator user to be injected into administrative users. | 8.8 |
| 2022-11-30 | CVE-2022-41413 | Cross-Site Request Forgery (CSRF) vulnerability in Perfsonar perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function. | 4.3 |
| 2022-11-29 | CVE-2022-3747 | Cross-Site Request Forgery (CSRF) vulnerability in Muffingroup Becustom 1.0.5.2 The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2. | 6.5 |
| 2022-11-29 | CVE-2022-3898 | Cross-Site Request Forgery (CSRF) vulnerability in WP Affiliate Platform Project WP Affiliate Platform 6.3.9 The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9. | 6.5 |
| 2022-11-28 | CVE-2022-44937 | Cross-Site Request Forgery (CSRF) vulnerability in Bosscms 2.0.0 Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module. | 6.5 |
| 2022-11-25 | CVE-2022-23044 | Cross-Site Request Forgery (CSRF) vulnerability in Tiny File Manager Project Tiny File Manager 2.4.8 Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application. | 8.8 |