Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
csrf-magic project csrf-magic vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-17590
The csrf_callback function in the CSRF Magic library through 2016-03-27 is vulnerable to CSRF protection bypass as it allows one to tamper with the csrf token values. A remote attacker can exploit this by crafting a malicious page and dispersing it to a victim via social engineer...
Csrf Magic Project Csrf Magic
8.8
CVSSv3
CVE-2013-7464
In csrf-magic prior to 1.0.4, if $GLOBALS['csrf']['secret'] is not configured, the Anti-CSRF Token used is predictable and would permit an malicious user to bypass the CSRF protections, because an automatically generated secret is not used.
Csrf-magic Project Csrf-magic
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started