Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-4507
Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via...
Clear Ispot Firmware 1.9.9.4
Clear Ispot 2.0.0.0
Clear Clearspot Firmware 1.9.9.4
Clear Clearspot 2.0.0.0
1 EDB exploit
NA
CVE-2012-2959
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote malicious users to hijack the authentication of administrators for requests that change passwords.
Bmc Identity Management Suite 7.5.00.103
1 EDB exploit
8
CVSSv3
CVE-2017-13129
Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.
Zkteco Zktime Web 2.0.1.12280
1 EDB exploit
NA
CVE-2014-3778
Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote malicious users to hijack the authentication of administrators for requests that (1) change the dns service via the DdnsServ...
Commscope Arris Sbg901 -
1 EDB exploit
8.8
CVSSv3
CVE-2017-7398
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. This enables an malicious user to perform an unwanted action on a wireless router for which the user/admin is currently authenticated, as demonstrated by changing the Security option ...
D-link Dir-615 Firmware 20.09
1 EDB exploit
NA
CVE-2014-2989
Cross-site request forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 allows remote malicious users to hijack the authentication of administrators for requests that create administrative accounts via a request to Users/add.
Open Assessment Technologies Tao 2.5.6
1 EDB exploit
8.8
CVSSv3
CVE-2016-3403
Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration prior to 8.6.0 Patch 8 allow remote malicious users to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging f...
Synacor Zimbra Collaboration Suite
NA
CVE-2013-4889
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote malicious users to hijack the authentication of administrators for requests that (1) add a new administrator via the AddUser action or (2) conduct cross-site scripti...
Springsignage Xibo 1.4.2
1 EDB exploit
NA
CVE-2024-25344
Cross Site Scripting vulnerability in ITFlow.org before commit v.432488eca3998c5be6b6b9e8f8ba01f54bc12378 allows a remtoe malicious user to execute arbitrary code and obtain sensitive information via the settings.php, settings+company.php, settings_defaults.php,settings_integrati...
NA
CVE-2011-1026
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 up to and including 1.2.2, and 1.3.x prior to 1.3.5, allow remote malicious users to hijack the authentication of administrators.
Apache Archiva 1.1
Apache Archiva 1.1.1
Apache Archiva 1.2-m1
Apache Archiva 1.3
Apache Archiva 1.1.2
Apache Archiva 1.1.3
Apache Archiva 1.2.1
Apache Archiva 1.2.2
Apache Archiva 1.1.4
Apache Archiva 1.2
Apache Archiva 1.0
Apache Archiva 1.0.1
Apache Archiva 1.3.4
Apache Archiva 1.0.2
Apache Archiva 1.0.3
Apache Archiva 1.3.1
Apache Archiva 1.3.2
Apache Archiva 1.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »