Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-12922
A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in the Setup page.
Phpmyadmin Phpmyadmin
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
1 EDB exploit
8.8
CVSSv3
CVE-2017-8928
mailcow 0.14, as used in "mailcow: dockerized" and other products, has CSRF.
Mailcow Mailcow\\ Dockerized
1 EDB exploit
NA
CVE-2015-5534
Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall prior to 1.8 allow remote malicious users to hijack the authentication of administrators for requests that (1) put the website under maintenance via the maintenance_enable parameter or (2) conduct cross-site scr...
Oxwall Oxwall
1 EDB exploit
NA
CVE-2013-1414
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices prior to 4.3.13 and 5.x prior to 5.0.2 allow remote malicious users to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, o...
Fortinet Fortios 5.0.1
Fortinet Fortios 5.0
Fortinet Fortios
Fortinet Fortios 4.3.10
Fortinet Fortigate-3040b -
Fortinet Fortigate-3240c -
Fortinet Fortigate-5001b -
Fortinet Fortigate-80c -
Fortinet Fortigate-40c -
Fortinet Fortigate-20c -
Fortinet Fortigate-110c -
Fortinet Fortigate-voice-80c -
Fortinet Fortigate-1240b -
Fortinet Fortigate-300c -
Fortinet Fortigate-5020 -
Fortinet Fortigate-3950b -
Fortinet Fortigate-311b -
Fortinet Fortigate-310b -
Fortinet Fortigate-800c -
Fortinet Fortigate-5001a-sw -
Fortinet Fortigate-5101c -
Fortinet Fortigate-600c -
1 EDB exploit
NA
CVE-2015-6545
Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb prior to 7.0.4 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action.
Webgroupmedia Cerb
1 EDB exploit
NA
CVE-2014-8429
Cross-site request forgery (CSRF) vulnerability in Xavoc Technocrats xEpan CMS 1.0.4.1, 1.0.4, 1.0.1, and previous versions allows remote malicious users to hijack the authentication of administrators for requests that create new administrative accounts via a crafted request to t...
Xavoc Xepan Cms 1.0.4
Xavoc Xepan Cms
Xavoc Xepan Cms 1.0.4.1
1 EDB exploit
NA
CVE-2012-2275
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and previous versions allow remote malicious users to hijack the authentication of users for requests that add, delete, or modify sensitive information, as demonstrated by changing the administrator'...
Teamst Testlink 1.8
Teamst Testlink 1.7.4
Teamst Testlink 1.8.1
Teamst Testlink 1.7.3
Teamst Testlink 1.8.0
Teamst Testlink 1.8.2
Teamst Testlink 1.8.4
Teamst Testlink
Teamst Testlink 1.7.2
Teamst Testlink 1.8.3
Teamst Testlink 1.7.0
Teamst Testlink 1.7.1
Teamst Testlink 1.7
1 EDB exploit
NA
CVE-2013-7209
Cross-site request forgery (CSRF) vulnerability in admBase/login.page in the Admin module in JForum allows remote malicious users to hijack the authentication of administrators for requests that change the user group permissions of arbitrary users via a groupsSave action.
Jforum Jforum -
1 EDB exploit
4.5
CVSSv3
CVE-2017-8382
admidio 3.2.8 has CSRF in adm_program/modules/members/members_function.php with an impact of deleting arbitrary user accounts.
Admidio Admidio 3.2.8
1 EDB exploit
1 Github repository
8.8
CVSSv3
CVE-2018-8811
Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote malicious users to hijack the authentication of administrative users for requests that perform privilege escalation. Note: It is argued that OpenCMS al...
Alkacon Opencms 10.5.3
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »