Total
8380 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0699 | 1 Haudenschilt | 1 Family Connections Cms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php. | |||||
| CVE-2011-5328 | 1 User Access Manager Project | 1 User Access Manager | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The user-access-manager plugin before 1.2 for WordPress has CSRF. | |||||
| CVE-2011-5250 | 1 Prophecyinternational | 1 Snare | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Snare for Linux before 1.7.0 has CSRF in the web interface. | |||||
| CVE-2011-4952 | 1 Cobblerd | 1 Cobbler | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| cobbler: Web interface lacks CSRF protection when using Django framework | |||||
| CVE-2011-3612 | 1 Usebb | 1 Usebb | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12. | |||||
| CVE-2011-3609 | 1 Redhat | 1 Jboss Application Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker. | |||||
| CVE-2011-3582 | 1 Anelectron | 1 Advanced Electron Forums | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions. | |||||
| CVE-2011-2934 | 1 Websitebaker | 1 Websitebaker | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions. | |||||
| CVE-2011-1085 | 1 Smoothwall | 1 Smoothwall Express | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| CSRF vulnerability in Smoothwall Express 3. | |||||
| CVE-2011-0525 | 1 Batavi | 1 Batavi | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Batavi before 1.0 has CSRF. | |||||
| CVE-2010-4241 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Tiki Wiki CMS Groupware 5.2 has CSRF | |||||
| CVE-2010-3305 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password. | |||||
| CVE-2024-52401 | 2024-11-20 | N/A | 9.6 CRITICAL | ||
| Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4. | |||||
| CVE-2024-52424 | 1 Sureshkumar | 1 Wp-login Customizer | 2024-11-20 | N/A | 7.1 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Suresh Kumar wp-login customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through 1.0. | |||||
| CVE-2024-51635 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading allows Stored XSS.This issue affects While Loading: from n/a through 3.0. | |||||
| CVE-2024-51655 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Microkid Custom Author URL allows Stored XSS.This issue affects Custom Author URL: from n/a through 2.0.1. | |||||
| CVE-2024-51686 | 2024-11-19 | N/A | 4.3 MEDIUM | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar, Surender Khokhar Manage User Columns allows Cross Site Request Forgery.This issue affects Manage User Columns: from n/a through 1.0.5. | |||||
| CVE-2024-51653 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Mario Spinaci UPDATE NOTIFICATIONS allows Stored XSS.This issue affects UPDATE NOTIFICATIONS: from n/a through 0.3.4. | |||||
| CVE-2024-51643 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Rajan Agaskar Amazon Associate Filter allows Stored XSS.This issue affects Amazon Associate Filter: from n/a through 0.4. | |||||
| CVE-2024-51642 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in webhostri Seo Free allows Stored XSS.This issue affects Seo Free: from n/a through 1.4. | |||||