Vulnerabilities > Csrf Magic Project

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-26	CVE-2019-17590	Cross-Site Request Forgery (CSRF) vulnerability in CSRF Magic Project CSRF Magic 20160327 The csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. network low complexity csrf-magic-project CWE-352	8.8
2018-08-08	CVE-2013-7464	Cross-Site Request Forgery (CSRF) vulnerability in Csrf-Magic Project Csrf-Magic In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not configured, the Anti-CSRF Token used is predictable and would permit an attacker to bypass the CSRF protections, because an automatically generated secret is not used. network csrf-magic-project CWE-352	6.8

Vulnerabilities > Csrf Magic Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Csrf Magic Project"}]}