Total
8000 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-5283 | 1 Opentext | 1 Livelink Ecm | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in OpenText ECM (formerly Livelink ECM) 9.7.1 allows remote attackers to hijack the authentication of administrators for requests that change folder and resource permissions. | ||||
| CVE-2010-5084 | 1 E107 | 1 E107 | 2025-04-11 | N/A |
| The cross-site request forgery (CSRF) protection mechanism in e107 before 0.7.23 uses a predictable random token based on the creation date of the administrator account, which allows remote attackers to hijack the authentication of administrators for requests that add new users via e107_admin/users.php. | ||||
| CVE-2010-1968 | 2 Hp, Microsoft | 2 Insight Software Installer, Windows | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1971. | ||||
| CVE-2010-5080 | 1 Silverstripe | 1 Silverstripe | 2025-04-11 | N/A |
| The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attackers to obtain sensitive data and hijack the session via the HTTP referer logs on a server, aka "HTTP referer leakage." | ||||
| CVE-2010-4881 | 1 Apphp | 1 Apphp Calendar | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP CAL) allow remote attackers to hijack the authentication of unspecified victims for requests that use the (1) category_name, (2) category_description, (3) event_name, or (4) event_description parameter. | ||||
| CVE-2013-1128 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1648 | 1 Mediawiki | 1 Mediawiki | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for requests that (1) create accounts or (2) reset passwords, related to the Special:Userlogin form. | ||||
| CVE-2010-1037 | 1 Hp | 1 Systems Insight Manager | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-1109 | 1 Cisco | 1 Webex Training Center | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in testingLibraryAction.do in the Training Center testing library in Cisco WebEx Training Center allows remote attackers to hijack the authentication of arbitrary users for requests that delete tests, aka Bug ID CSCzu81067. | ||||
| CVE-2013-5730 | 1 Dlink | 2 Dsl-2740b, Dsl-2740b Firmware | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DSL-2740B Gateway with firmware EU_1.00 allow remote attackers to hijack the authentication of administrators for requests that (1) enable or disable Wireless MAC Address Filters via a wlFltMode action to wlmacflt.cmd, (2) enable or disable firewall protections via a request to scdmz.cmd, or (3) enable or disable remote management via a save action to scsrvcntr.cmd. | ||||
| CVE-2010-4750 | 1 Blogcms | 1 Blog\ | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and possibly earlier, allows remote attackers to hijack the authentication of administrators. | ||||
| CVE-2010-1732 | 1 Zikula | 1 Zikula Application Framework | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework before 1.2.3 allows remote attackers to hijack the authentication of administrators for requests that change the administrator email address (updateemail action). | ||||
| CVE-2010-2007 | 1 Letodms | 1 Letodms | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that use (1) op/op.EditUserData.php, (2) op/op.UsrMgr.php, (3) out/out.RemoveVersion.php, (4) op/op.RemoveFolder.php, (5) op/op.DefaultKeywords.php, (6) op/op.GroupMgr.php, (7) op/op.FolderAccess.php, (8) op/op.FolderNotify.php, or (9) op.MoveFolder.php in mydms. | ||||
| CVE-2010-4627 | 1 Mybb | 1 Mybb | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard) before 1.4.12 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-3583 | 1 Corporater | 1 Epm Suite | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in saveProperties.html in Corporater EPM Suite allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords. | ||||
| CVE-2013-1088 | 1 Novell | 1 Imanager | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container. | ||||
| CVE-2013-3540 | 1 Ovislink | 6 Airlive Od-2025hd, Airlive Od-2060hd, Airlive Poe100hd and 3 more | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/usrgrp.cgi in AirLive POE2600HD, POE250HD, POE200HD, OD-325HD, OD-2025HD, OD-2060HD, POE100HD, and possibly other camera models allows remote attackers to hijack the authentication of administrators for requests that add users. | ||||
| CVE-2010-0921 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to hijack the authentication of unspecified victims via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes." | ||||
| CVE-2010-0992 | 1 Pulsecms | 1 Pulse Cms | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro before 1.3.2, allow remote attackers to hijack the authentication of users for requests that (1) upload image files, (2) delete image files, or (3) create blocks. | ||||
| CVE-2010-4032 | 1 Hp | 1 Insight Control Performance Management | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||