Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4051
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite prior to 8.61 allow remote malicious users to hijack the authentication of administrators for requests that (1) create user accounts or ...
Jamf Casper Suite
Jamf Casper Suite 8.5
Jamf Casper Suite 8.51
Jamf Casper Suite 8.43
Jamf Casper Suite 8.2
Jamf Casper Suite 8.0
Jamf Casper Suite 7.3
Jamf Casper Suite 7.2
Jamf Casper Suite 7.1
Jamf Casper Suite 8.4
Jamf Casper Suite 8.3
Jamf Casper Suite 8.1
Jamf Casper Suite 7.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-5969
Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via clients/resources/ajax/ajax_new_admin.php, as demonstrated by adding an admin account.
Photography Cms Project Photography Cms 1.0
1 EDB exploit
NA
CVE-2014-5395
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 prior to 21.270.21.00.00, and E586Bs-2 prior to 21.322.10.00.889 allow remote malicious users to hijac...
Huawei E5180s-22 Firmware
Huawei E3276 Firmware
Huawei E3236 Firmware
Huawei E586bs-2 Firmware
1 EDB exploit
NA
CVE-2012-1922
Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom WLM-2501 allow remote malicious users to hijack the authentication of administrators for requests that modify settings for (1) Mac Filtering via admin/formFilter, (2) IP/Port Filtering via formFilter, (3) Port ...
Sitecom Wlm-2501 -
2 EDB exploits
NA
CVE-2014-3778
Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote malicious users to hijack the authentication of administrators for requests that (1) change the dns service via the DdnsServ...
Commscope Arris Sbg901 -
1 EDB exploit
NA
CVE-2012-6434
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3)...
E107 E107 1.0.2
1 EDB exploit
8.8
CVSSv3
CVE-2017-16244
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an malicious user to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF hea...
Octobercms October 1.0.426
1 EDB exploit
8.8
CVSSv3
CVE-2019-11416
A CSRF issue exists on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.
Intelbras Iwr 3000n Firmware 1.5.0
1 EDB exploit
8.8
CVSSv3
CVE-2019-11374
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
74cms 74cms 5.0.1
1 EDB exploit
8.8
CVSSv3
CVE-2017-7398
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an malicious user to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option ...
D-link Dir-615 Firmware 20.09
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »