Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-6023
Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc.
Fastweb Fastgate Firmware 0.00.47
1 EDB exploit
NA
CVE-2015-4460
Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box prior to 4.0.0 (r19171) allows remote malicious users to hijack the authentication of administrators for requests that add administrator accounts via certain vectors...
Boxautomation C2box
1 EDB exploit
8.8
CVSSv3
CVE-2016-0891
Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM prior to 3.7 allow remote malicious users to hijack the authentication of administrators.
Emc Vipr Srm
1 EDB exploit
8.8
CVSSv3
CVE-2018-19135
ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an malicious user to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by de...
Clippercms Clippercms 1.3.3
1 EDB exploit
8.8
CVSSv3
CVE-2017-6086
Multiple cross-site request forgery (CSRF) vulnerabilities in the addAction and purgeAction functions in ViMbAdmin 3.0.15 allow remote malicious users to hijack the authentication of logged administrators to (1) add an administrator user via a crafted POST request to <vimbadmi...
Vimbadmin Vimbadmin 3.0.15
1 EDB exploit
NA
CVE-2013-0663
Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote malicious users to hijack the au...
Schneider-electric Modicon Quantum Plc 140noe77101
Schneider-electric Modicon Quantum Plc 140nwm10000
Schneider-electric Modicon Quantum Plc 140noe77111
Schneider-electric Modicon M340 Bmxnoe0100x
Schneider-electric Modicon M340 Bmxnoe011xx
Schneider-electric Modicon M340 Bmxnoc0401
Schneider-electric Modicon Premium Tsxety5103
Schneider-electric Modicon Premium Tsxwmy100
Schneider-electric Modicon Premium Tsxety4103
1 EDB exploit
8.8
CVSSv3
CVE-2018-12602
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily.
Lfdycms Lfcms 3.7.0
1 EDB exploit
NA
CVE-2012-6493
Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console prior to 5.5.4 allows remote malicious users to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
Rapid7 Nexpose
Rapid7 Nexpose 5.5.1
Rapid7 Nexpose 5.4.12
Rapid7 Nexpose 5.4.11
Rapid7 Nexpose 5.4.10
Rapid7 Nexpose 5.4.5
Rapid7 Nexpose 5.4.4
Rapid7 Nexpose 5.4.3
Rapid7 Nexpose 5.4.2
Rapid7 Nexpose 5.4.9
Rapid7 Nexpose 5.4.7
Rapid7 Nexpose 5.4
Rapid7 Nexpose 5.4.8
Rapid7 Nexpose 5.4.6
Rapid7 Nexpose 5.4.1
1 EDB exploit
8.8
CVSSv3
CVE-2015-6541
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) prior to 8.5 allow remote malicious users to hijack the authentication of arbitrary users for requests that change account preferences via a SOAP request to servi...
Zimbra Zimbra Collaboration Server
1 EDB exploit
7.5
CVSSv3
CVE-2017-9415
Cross-site request forgery (CSRF) vulnerability in subsonic 6.1.1 allows remote attackers with knowledge of the target username to hijack the authentication of users for requests that change passwords via a crafted request to userSettings.view.
Subsonic Subsonic 6.1.1
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »