Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2017-5264
Versions of Nexpose before 6.4.66 fail to adequately validate the source of HTTP requests intended for the Automated Actions administrative web application, and are susceptible to a cross-site request forgery (CSRF) attack.
Rapid7 Nexpose
1 EDB exploit
6.8
CVSSv2
CVE-2017-6086
Multiple cross-site request forgery (CSRF) vulnerabilities in the addAction and purgeAction functions in ViMbAdmin 3.0.15 allow remote malicious users to hijack the authentication of logged administrators to (1) add an administrator user via a crafted POST request to <vimbadmi...
Vimbadmin Vimbadmin 3.0.15
1 EDB exploit
6.8
CVSSv2
CVE-2018-12603
Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote malicious users to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114.
Lfdycms Lfcms 3.7.0
1 EDB exploit
6.8
CVSSv2
CVE-2014-0621
Multiple cross-site request forgery (CSRF) vulnerabilities in Technicolor (formerly Thomson) TC7200 STD6.01.12 allow remote malicious users to hijack the authentication of administrators for requests that (1) perform a factory reset via a request to goform/system/factory, (2) dis...
Technicolor Tc7200 Firmware Std6.01.12
Technicolor Tc7200 -
1 EDB exploit
6.8
CVSSv2
CVE-2018-19135
ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an malicious user to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by de...
Clippercms Clippercms 1.3.3
1 EDB exploit
6.8
CVSSv2
CVE-2018-12739
In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266.
Beescms Beescms 4.0
1 EDB exploit
6.8
CVSSv2
CVE-2015-4460
Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box prior to 4.0.0 (r19171) allows remote malicious users to hijack the authentication of administrators for requests that add administrator accounts via certain vectors...
Boxautomation C2box
1 EDB exploit
6.8
CVSSv2
CVE-2014-6409
Cross-site request forgery (CSRF) vulnerability in M/Monit 3.3.2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that change user passwords via the fullname and password parameters to /admin/users/update.
Mmonit M\\/monit
1 EDB exploit
6.8
CVSSv2
CVE-2013-0663
Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote malicious users to hijack the au...
Schneider-electric Modicon Quantum Plc 140noe77101
Schneider-electric Modicon Quantum Plc 140nwm10000
Schneider-electric Modicon Quantum Plc 140noe77111
Schneider-electric Modicon M340 Bmxnoe0100x
Schneider-electric Modicon M340 Bmxnoe011xx
Schneider-electric Modicon M340 Bmxnoc0401
Schneider-electric Modicon Premium Tsxety5103
Schneider-electric Modicon Premium Tsxwmy100
Schneider-electric Modicon Premium Tsxety4103
1 EDB exploit
9.3
CVSSv2
CVE-2019-9082
ThinkPHP prior to 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.
Thinkphp Thinkphp
Opensourcebms Open Source Background Management System 1.1.1
Zzzcms Zzzphp 1.6.1
1 EDB exploit
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »