Vulmon
cross-site request forgery vulnerabilities and exploits
4.5
CVSSv3
CVE-2017-8382
admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.
Admidio Admidio 3.2.8
1 EDB exploit
1 GitHub repository
6.5
CVSSv3
CVE-2018-8814
Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote malicious users to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.
Wolfcms Wolf Cms 0.8.3.1
1 EDB exploit
NA
CVE-2013-1414
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices prior to 4.3.13 and 5.x prior to 5.0.2 allow remote malicious users to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, o...
Fortinet Fortios
Fortinet Fortios 4.3.10
Fortinet Fortios 5.0
Fortinet Fortios 5.0.1
Fortinet Fortigate-1000c -
Fortinet Fortigate-100d -
Fortinet Fortigate-110c -
Fortinet Fortigate-1240b -
Fortinet Fortigate-200b -
Fortinet Fortigate-20c -
Fortinet Fortigate-300c -
Fortinet Fortigate-3040b -
Fortinet Fortigate-310b -
Fortinet Fortigate-311b -
Fortinet Fortigate-3140b -
Fortinet Fortigate-3240c -
Fortinet Fortigate-3810a -
Fortinet Fortigate-3950b -
Fortinet Fortigate-40c -
Fortinet Fortigate-5001a-sw -
Fortinet Fortigate-5001b -
Fortinet Fortigate-5020 -
1 EDB exploit
NA
CVE-2014-8429
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to t...
Xavoc Xepan Cms 1.0.4
Xavoc Xepan Cms 1.0.4.1
Xavoc Xepan Cms
1 EDB exploit
8.8
CVSSv3
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password.
1234n Minicms 1.10
1 EDB exploit
8.8
CVSSv3
CVE-2017-8928
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
Mailcow Mailcow Dockerized
1 EDB exploit
NA
CVE-2013-7209
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote malicious users to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
Jforum Jforum -
1 EDB exploit
8.8
CVSSv3
CVE-2018-8811
Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote malicious users to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS al...
Alkacon Opencms 10.5.3
1 EDB exploit
NA
CVE-2015-5534
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall prior to 1.8 allow remote malicious users to hijack the authentication of administrators for requests that (1) put the website under maintenance via the maintenance_enable parameter or (2) conduct cross-site scr...
Oxwall Oxwall
1 EDB exploit
NA
CVE-2015-6545
Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb prior to 7.0.4 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action.
Webgroupmedia Cerb
1 EDB exploit