Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cross-site request forgery vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-5395
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3276 and E3236 TCPU before V200R002B470D13SP00C00 and WebUI before V100R007B100D03SP01C03, E5180s-22 prior to 21.270.21.00.00, and E586Bs-2 prior to 21.322.10.00.889 allow remote malicious users to hijac...
Huawei E5180s-22 Firmware
Huawei E3276 Firmware
Huawei E3236 Firmware
Huawei E586bs-2 Firmware
1 EDB exploit
NA
CVE-2012-6434
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3)...
E107 E107 1.0.2
1 EDB exploit
8.8
CVSSv3
CVE-2017-16244
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an malicious user to successfully take over the victim's account. The attack bypasses a protection mechanism involving X-CSRF hea...
Octobercms October 1.0.426
1 EDB exploit
8.8
CVSSv3
CVE-2019-11374
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
74cms 74cms 5.0.1
1 EDB exploit
8.8
CVSSv3
CVE-2019-11416
A CSRF issue exists on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.
Intelbras Iwr 3000n Firmware 1.5.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-8908
An issue exists in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges...
Frog Cms Project Frog Cms 0.9.5
1 EDB exploit
8.8
CVSSv3
CVE-2018-8979
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
Open-audit Open-audit 2.1
1 EDB exploit
NA
CVE-2015-6655
Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote malicious users to hijack the authentication of administrators for requests that add an administrator via a request to admin/admin_users.php.
Pligg Pligg Cms 2.0.2
1 EDB exploit
NA
CVE-2012-4051
Multiple cross-site request forgery (CSRF) vulnerabilities in editAccount.html in the JAMF Software Server (JSS) interface in JAMF Casper Suite prior to 8.61 allow remote malicious users to hijack the authentication of administrators for requests that (1) create user accounts or ...
Jamf Casper Suite
Jamf Casper Suite 8.5
Jamf Casper Suite 8.51
Jamf Casper Suite 8.43
Jamf Casper Suite 8.2
Jamf Casper Suite 8.0
Jamf Casper Suite 7.3
Jamf Casper Suite 7.2
Jamf Casper Suite 7.1
Jamf Casper Suite 8.4
Jamf Casper Suite 8.3
Jamf Casper Suite 8.1
Jamf Casper Suite 7.0
1 EDB exploit
NA
CVE-2011-1026
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 up to and including 1.2.2, and 1.3.x prior to 1.3.5, allow remote malicious users to hijack the authentication of administrators.
Apache Archiva 1.1
Apache Archiva 1.1.1
Apache Archiva 1.2-m1
Apache Archiva 1.3
Apache Archiva 1.1.2
Apache Archiva 1.1.3
Apache Archiva 1.2.1
Apache Archiva 1.2.2
Apache Archiva 1.1.4
Apache Archiva 1.2
Apache Archiva 1.0
Apache Archiva 1.0.1
Apache Archiva 1.3.4
Apache Archiva 1.0.2
Apache Archiva 1.0.3
Apache Archiva 1.3.1
Apache Archiva 1.3.2
Apache Archiva 1.3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »