Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
685
VMScore
CVE-2012-4051
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite prior to 8.61 allow remote malicious users to hijack the authentication of administrators for requests that (1) create user accounts or ...
Jamf Casper Suite
Jamf Casper Suite 8.5
Jamf Casper Suite 8.51
Jamf Casper Suite 8.43
Jamf Casper Suite 8.2
Jamf Casper Suite 8.0
Jamf Casper Suite 7.3
Jamf Casper Suite 7.2
Jamf Casper Suite 7.1
Jamf Casper Suite 8.4
Jamf Casper Suite 8.3
Jamf Casper Suite 8.1
Jamf Casper Suite 7.0
1 EDB exploit
685
VMScore
CVE-2018-5969
Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via clients/resources/ajax/ajax_new_admin.php, as demonstrated by adding an admin account.
Photography Cms Project Photography Cms 1.0
1 EDB exploit
685
VMScore
CVE-2019-11374
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
74cms 74cms 5.0.1
1 EDB exploit
685
VMScore
CVE-2015-6655
Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator via a request to admin/admin_users.php.
Pligg Pligg Cms 2.0.2
1 EDB exploit
685
VMScore
CVE-2018-8979
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
Open-audit Open-audit 2.1
1 EDB exploit
685
VMScore
CVE-2014-5395
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 prior to 21.270.21.00.00, and E586Bs-2 prior to 21.322.10.00.889 allow remote malicious users to hijac...
Huawei E5180s-22 Firmware
Huawei E3276 Firmware
Huawei E3236 Firmware
Huawei E586bs-2 Firmware
1 EDB exploit
685
VMScore
CVE-2018-15845
There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add.
Gleezcms Gleez Cms 1.2.0
1 EDB exploit
435
VMScore
CVE-2019-7440
JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).
Jio Jiofi 4g M2s Firmware 1.0.2
1 EDB exploit
685
VMScore
CVE-2018-8908
An issue exists in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges...
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
690
VMScore
CVE-2012-1921
Cross-site request forgery (CSRF) vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 allows remote malicious users to hijack the authentication of administrators for requests that change the router passphrase via the pskValue parameter.
Sitecom Wlm-2501 -
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »