Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-13 | CVE-2022-41474 | Cross-Site Request Forgery (CSRF) vulnerability in Rpcms 3.0.2 RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily change the password of any account. | 6.5 |
| 2022-10-13 | CVE-2022-41475 | Cross-Site Request Forgery (CSRF) vulnerability in Rpcms 3.0.2 RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add an administrator account. | 8.8 |
| 2022-10-13 | CVE-2022-41489 | Cross-Site Request Forgery (CSRF) vulnerability in Wayos products WAYOS LQ_09 22.03.17V was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to send crafted requests to the server from the affected device. | 8.1 |
| 2022-10-13 | CVE-2022-34020 | Cross-Site Request Forgery (CSRF) vulnerability in Resiot IOT Platform and Lorawan Network Server Cross Site Request Forgery (CSRF) vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts. | 8.8 |
| 2022-10-12 | CVE-2022-42077 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |
| 2022-10-12 | CVE-2022-42078 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ac1206 Firmware 15.03.06.23Multitd01 Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | 6.5 |
| 2022-10-12 | CVE-2022-42086 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax1803 Firmware 1.0.0.12994Cnzgyd014 Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function TendaAteMode. | 6.5 |
| 2022-10-12 | CVE-2022-42087 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax1803 Firmware 1.0.0.12994Cnzgyd014 Tenda AX1803 US_AX1803v2.0br_v1.0.0.1_2994_CN_ZGYD01_4 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | 6.5 |
| 2022-10-10 | CVE-2022-3154 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products The Woo Billingo Plus WordPress plugin before 4.4.5.4, Integration for Billingo & Gravity Forms WordPress plugin before 1.0.4, Integration for Szamlazz.hu & Gravity Forms WordPress plugin before 1.2.7 are lacking CSRF checks in various AJAX actions, which could allow attackers to make logged in Shop Managers and above perform unwanted actions, such as deactivate the plugin's license | 7.1 |
| 2022-10-07 | CVE-2022-22493 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Automation for IBM Cloud PAK for Watson Aiops 1.4.2 IBM WebSphere Automation for Cloud Pak for Watson AIOps 1.4.2 is vulnerable to cross-site request forgery, caused by improper cookie attribute setting. | 8.8 |