Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4051
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite prior to 8.61 allow remote malicious users to hijack the authentication of administrators for requests that (1) create user accounts or ...
Jamf Casper Suite
Jamf Casper Suite 8.5
Jamf Casper Suite 8.51
Jamf Casper Suite 8.43
Jamf Casper Suite 8.2
Jamf Casper Suite 8.0
Jamf Casper Suite 7.3
Jamf Casper Suite 7.2
Jamf Casper Suite 7.1
Jamf Casper Suite 8.4
Jamf Casper Suite 8.3
Jamf Casper Suite 8.1
Jamf Casper Suite 7.0
1 EDB exploit
8.8
CVSSv3
CVE-2017-16244
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an malicious user to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF hea...
Octobercms October 1.0.426
1 EDB exploit
NA
CVE-2012-1921
Cross-site request forgery (CSRF) vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 allows remote malicious users to hijack the authentication of administrators for requests that change the router passphrase via the pskValue parameter.
Sitecom Wlm-2501 -
2 EDB exploits
NA
CVE-2012-1922
Multiple cross-site request forgery (CSRF) vulnerabilities in Sitecom WLM-2501 allow remote malicious users to hijack the authentication of administrators for requests that modify settings for (1) Mac Filtering via admin/formFilter, (2) IP/Port Filtering via formFilter, (3) Port ...
Sitecom Wlm-2501 -
2 EDB exploits
NA
CVE-2012-6434
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3)...
E107 E107 1.0.2
1 EDB exploit
NA
CVE-2010-4507
Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote malicious users to hijack the authentication of administrators for requests that (1) execute arbitrary commands via...
Clear Ispot Firmware 1.9.9.4
Clear Ispot 2.0.0.0
Clear Clearspot Firmware 1.9.9.4
Clear Clearspot 2.0.0.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-8979
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
Open-audit Open-audit 2.1
1 EDB exploit
NA
CVE-2012-2959
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote malicious users to hijack the authentication of administrators for requests that change passwords.
Bmc Identity Management Suite 7.5.00.103
1 EDB exploit
8.8
CVSSv3
CVE-2018-7176
FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php (aka the "add user" feature of the User Permissions page).
Frontaccounting Frontaccounting 2.4.3
1 EDB exploit
8.8
CVSSv3
CVE-2019-11416
A CSRF issue exists on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.
Intelbras Iwr 3000n Firmware 1.5.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »