Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2015-5534
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall prior to 1.8 allow remote malicious users to hijack the authentication of administrators for requests that (1) put the website under maintenance via the maintenance_enable parameter or (2) conduct cross-site scr...
Oxwall Oxwall
1 EDB exploit
5.8
CVSSv2
CVE-2018-8814
Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote malicious users to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.
Wolfcms Wolf Cms 0.8.3.1
1 EDB exploit
3.5
CVSSv2
CVE-2017-8382
admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.
Admidio Admidio 3.2.8
1 EDB exploit
1 Github repository
6.8
CVSSv2
CVE-2015-6545
Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb prior to 7.0.4 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action.
Webgroupmedia Cerb
1 EDB exploit
6.8
CVSSv2
CVE-2018-8811
Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote malicious users to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS al...
Alkacon Opencms 10.5.3
1 EDB exploit
6.8
CVSSv2
CVE-2014-8429
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to t...
Xavoc Xepan Cms 1.0.4
Xavoc Xepan Cms
Xavoc Xepan Cms 1.0.4.1
1 EDB exploit
6.8
CVSSv2
CVE-2018-9092
There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password.
1234n Minicms 1.10
1 EDB exploit
6.8
CVSSv2
CVE-2015-5075
Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM prior to 5.2 allows remote malicious users to hijack the authentication of administrators for requests that create an administrative account via a crafted request to index.php/users/create.
X2engine X2crm
1 EDB exploit
6.8
CVSSv2
CVE-2012-2275
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and previous versions allow remote malicious users to hijack the authentication of users for requests that add, delete, or modify sensitive information, as demonstrated by changing the administrator'...
Teamst Testlink 1.8
Teamst Testlink 1.7.4
Teamst Testlink 1.8.1
Teamst Testlink 1.7.3
Teamst Testlink 1.8.0
Teamst Testlink 1.8.2
Teamst Testlink 1.8.4
Teamst Testlink
Teamst Testlink 1.7.2
Teamst Testlink 1.8.3
Teamst Testlink 1.7.0
Teamst Testlink 1.7.1
Teamst Testlink 1.7
1 EDB exploit
5.8
CVSSv2
CVE-2019-12922
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »