Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-12-01 CVE-2022-40489 Cross-Site Request Forgery (CSRF) vulnerability in Thinkcmf 6.0.7
ThinkCMF version 6.0.7 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows a Super Administrator user to be injected into administrative users.
network
low complexity
thinkcmf CWE-352
8.8
8.8
2022-11-30 CVE-2022-41413 Cross-Site Request Forgery (CSRF) vulnerability in Perfsonar
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.
network
low complexity
perfsonar CWE-352
4.3
4.3
2022-11-29 CVE-2022-3747 Cross-Site Request Forgery (CSRF) vulnerability in Muffingroup Becustom 1.0.5.2
The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2.
network
low complexity
muffingroup CWE-352
6.5
6.5
2022-11-29 CVE-2022-3898 Cross-Site Request Forgery (CSRF) vulnerability in WP Affiliate Platform Project WP Affiliate Platform 6.3.9
The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9.
network
low complexity
wp-affiliate-platform-project CWE-352
6.5
6.5
2022-11-28 CVE-2022-44937 Cross-Site Request Forgery (CSRF) vulnerability in Bosscms 2.0.0
Bosscms v2.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Add function under the Administrator List module.
network
low complexity
bosscms CWE-352
6.5
6.5
2022-11-25 CVE-2022-23044 Cross-Site Request Forgery (CSRF) vulnerability in Tiny File Manager Project Tiny File Manager 2.4.8
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to persuade users to perform unintended actions within the application.
network
low complexity
tiny-file-manager-project CWE-352
8.8
8.8
2022-11-24 CVE-2022-4090 Cross-Site Request Forgery (CSRF) vulnerability in Stock Management System Project Stock Management System
A vulnerability was found in rickxy Stock Management System and classified as problematic.
network
low complexity
stock-management-system-project CWE-352
8.8
8.8
2022-11-23 CVE-2021-29334 Cross-Site Request Forgery (CSRF) vulnerability in Jizhicms 1.9.4
An issue was discovered in JIZHI CMS 1.9.4.
network
low complexity
jizhicms CWE-352
8.8
8.8
2022-11-23 CVE-2022-45149 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A vulnerability was found in Moodle which exists due to insufficient validation of the HTTP request origin in course redirect URL.
network
low complexity
moodle fedoraproject CWE-352
5.4
5.4
2022-11-23 CVE-2020-23586 Cross-Site Request Forgery (CSRF) vulnerability in Optilinknetwork Op-Xt71000N Firmware 3.3.1191028
A vulnerability found in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Add Network Traffic Control Type Rule.
network
low complexity
optilinknetwork CWE-352
4.3
4.3