Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
csrf vulnerabilities and exploits
(subscribe to this query)
357
VMScore
CVE-2020-11681
Castel NextGen DVR v1.0.0 stores and displays credentials for the associated SMTP server in cleartext. Low privileged users can exploit this to create an administrator user and obtain the SMTP credentials.
Castel Nextgen Dvr Firmware 1.0.0
606
VMScore
CVE-2015-2755
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin prior to 4.0 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) l...
Ab Google Map Travel Project Ab Google Map Travel
516
VMScore
CVE-2012-4842
Open redirect vulnerability in the web server in IBM Lotus Domino 8.5.x up to and including 8.5.3 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Ibm Lotus Domino 8.5.1.2
Ibm Lotus Domino 8.5.1
Ibm Lotus Domino 8.5.2.4
Ibm Lotus Domino 8.5.3.0
Ibm Lotus Domino 8.5.1.3
Ibm Lotus Domino 8.5.0
Ibm Lotus Domino 8.5.2.2
Ibm Lotus Domino 8.5.2.1
Ibm Lotus Domino 8.5.0.1
Ibm Lotus Domino 8.5.1.5
Ibm Lotus Domino 8.5.2.0
Ibm Lotus Domino 8.5.2.3
Ibm Lotus Domino 8.5.1.1
Ibm Lotus Domino 8.5.1.4
NA
CVE-2016-253924
ATutor LMS versions 2.2.1 and below cross site request forgery remote code execution exploit that leverages install_modules.php.
605
VMScore
CVE-2014-7957
Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods plugin prior to 2.5 for WordPress allow remote malicious users to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks via the toggled parameter in a tog...
Pods Foundation Pods
828
VMScore
CVE-2018-12455
Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an malicious user to authenticate in the web interface just by using "admin:" as the name of a cookie.
Intelbras Nplug Firmware 1.0.0.14
605
VMScore
CVE-2018-12456
Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing malicious users to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access.
Intelbras Nplug Firmware 1.0.0.14
383
VMScore
CVE-2018-17337
Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast.
Intelbras Nplug Firmware 1.0.0.14
605
VMScore
CVE-2014-9401
Cross-site request forgery (CSRF) vulnerability in the WP Limit Posts Automatically plugin 0.7 and previous versions for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the lpa...
Wp Limit Posts Automatically Project Wp Limit Posts Automatically
605
VMScore
CVE-2014-0740
Cross-site request forgery (CSRF) vulnerability in the Call Detail Records Analysis and Reporting (CAR) interface in the OS Administration component in Cisco Unified Communications Manager (Unified CM) 10.0(1) and previous versions allows remote malicious users to hijack the auth...
Cisco Unified Communications Manager 4.1\\(3\\)sr4
Cisco Unified Communications Manager 4.2
Cisco Unified Communications Manager 4.2.1
Cisco Unified Communications Manager 4.2.2
Cisco Unified Communications Manager
Cisco Unified Communications Manager 3.3\\(5\\)
Cisco Unified Communications Manager 3.3\\(5\\)sr1
Cisco Unified Communications Manager 3.3\\(5\\)sr2a
Cisco Unified Communications Manager 4.3
Cisco Unified Communications Manager 10.0
Cisco Unified Communications Manager 4.1\\(3\\)
Cisco Unified Communications Manager 4.1\\(3\\)sr2
Cisco Unified Communications Manager 4.2.3sr1
Cisco Unified Communications Manager 4.2.3sr2b
Cisco Unified Communications Manager 4.1\\(3\\)sr1
Cisco Unified Communications Manager 4.1\\(3\\)sr3
Cisco Unified Communications Manager 4.2.3
Cisco Unified Communications Manager 4.2.3sr2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »