Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2017-13129
Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.
Zkteco Zktime Web 2.0.1.12280
1 EDB exploit
4.3
CVSSv2
CVE-2019-7440
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
9.3
CVSSv2
CVE-2010-4507
Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via...
Clear Ispot Firmware 1.9.9.4
Clear Ispot 2.0.0.0
Clear Clearspot Firmware 1.9.9.4
Clear Clearspot 2.0.0.0
1 EDB exploit
6.8
CVSSv2
CVE-2018-8908
An issue exists in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges...
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
6.8
CVSSv2
CVE-2014-4865
Cross-site request forgery (CSRF) vulnerability in gui/password-wadmin.apl in CacheGuard OS 5.7.7 allows remote malicious users to hijack the authentication of arbitrary users.
Cacheguard Cacheguardos 5.7.7
1 EDB exploit
5.1
CVSSv2
CVE-2012-2959
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote malicious users to hijack the authentication of administrators for requests that change passwords.
Bmc Identity Management Suite 7.5.00.103
1 EDB exploit
4.3
CVSSv2
CVE-2019-19516
Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp to the goform/SysToolChangePwd URI to change a password.
Intelbras Wrn 150 Firmware 1.0.18
1 EDB exploit
6.8
CVSSv2
CVE-2015-6655
Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator via a request to admin/admin_users.php.
Pligg Pligg Cms 2.0.2
1 EDB exploit
5.8
CVSSv2
CVE-2011-4403
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote malicious users to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setfl...
Zen-cart Zen Cart 1.3.9h
1 EDB exploit
6.8
CVSSv2
CVE-2018-8979
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
Open-audit Open-audit 2.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »