Total
7647 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4952 | 1 Cobblerd | 1 Cobbler | 2024-11-21 | 8.8 High |
| cobbler: Web interface lacks CSRF protection when using Django framework | ||||
| CVE-2011-3612 | 1 Usebb | 1 Usebb | 2024-11-21 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12. | ||||
| CVE-2011-3609 | 1 Redhat | 1 Jboss Application Server | 2024-11-21 | 6.5 Medium |
| A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker. | ||||
| CVE-2011-3582 | 1 Anelectron | 1 Advanced Electron Forums | 2024-11-21 | 8.8 High |
| A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions. | ||||
| CVE-2011-2934 | 1 Websitebaker | 1 Websitebaker | 2024-11-21 | 8.8 High |
| A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions. | ||||
| CVE-2011-1085 | 1 Smoothwall | 1 Smoothwall Express | 2024-11-21 | 8.8 High |
| CSRF vulnerability in Smoothwall Express 3. | ||||
| CVE-2011-0525 | 1 Batavi | 1 Batavi | 2024-11-21 | 8.8 High |
| Batavi before 1.0 has CSRF. | ||||
| CVE-2010-4241 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 8.8 High |
| Tiki Wiki CMS Groupware 5.2 has CSRF | ||||
| CVE-2010-3305 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password. | ||||
| CVE-2023-0737 | 1 Wallabag | 1 Wallabag | 2024-11-20 | 6.5 Medium |
| wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4. | ||||
| CVE-2024-52401 | 2024-11-20 | 9.6 Critical | ||
| Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4. | ||||
| CVE-2024-52424 | 1 Sureshkumar | 1 Wp-login Customizer | 2024-11-20 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Suresh Kumar wp-login customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through 1.0. | ||||
| CVE-2024-51650 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Scott @ MyDollarPlan.com Random Featured Post allows Stored XSS.This issue affects Random Featured Post: from n/a through 1.1.3. | ||||
| CVE-2024-51634 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Webriti WordPress Themes & Plugins Shop Webriti Custom Login allows Reflected XSS.This issue affects Webriti Custom Login: from n/a through 0.3. | ||||
| CVE-2024-51633 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in IvyCat Web Services Simple Page Specific Sidebars allows Stored XSS.This issue affects Simple Page Specific Sidebars: from n/a through 2.14.1. | ||||
| CVE-2024-51655 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Microkid Custom Author URL allows Stored XSS.This issue affects Custom Author URL: from n/a through 2.0.1. | ||||
| CVE-2024-51654 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in APK.Support APK Downloader allows Stored XSS.This issue affects APK Downloader: from n/a through 1.0.0. | ||||
| CVE-2024-51653 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Mario Spinaci UPDATE NOTIFICATIONS allows Stored XSS.This issue affects UPDATE NOTIFICATIONS: from n/a through 0.3.4. | ||||
| CVE-2024-51652 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Prem Nawaz Khan, Victor Tsaran, Ron Feathers, and Marc Kocher Skip To allows Stored XSS.This issue affects Skip To: from n/a through 2.0.0. | ||||
| CVE-2024-51649 | 2024-11-20 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Patrick Lumumba Mobilize allows Stored XSS.This issue affects Mobilize: from n/a through 3.0.7. | ||||