Total
9087 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-4877 | 1 Flatnux | 1 Flatnux | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user accounts. | ||||
| CVE-2012-4753 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.5 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2012-4486 | 2 Boombatower, Drupal | 2 Subuser, Drupal | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Subuser module before 6.x-1.8 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that switch the user to a subuser via unspecified vectors. | ||||
| CVE-2012-4084 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755. | ||||
| CVE-2012-4002 | 1 Glpi-project | 1 Glpi | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI before 0.83.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2012-3362 | 1 Extplorer | 1 Extplorer | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action. | ||||
| CVE-2012-3256 | 1 Hp | 1 Business Availability Center | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2012-2728 | 2 Drupal, Ronan Dowling | 2 Drupal, Node Hierarchy | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Node Hierarchy module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to hijack the authentication of administrators for requests that change a node hierarchy position via an (1) up or (2) down action. | ||||
| CVE-2012-2155 | 2 Drupal, Kyle Browning | 2 Drupal, Cdn2 Video | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2010-1244 | 1 Apache | 1 Activemq | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote attackers to hijack the authentication of unspecified victims for requests that create queues via the JMSDestination parameter in a queue action. | ||||
| CVE-2012-2077 | 2 Drupal, Rob Loach | 2 Drupal, Sharethis | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the ShareThis module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of users with administer sharethis permissions via unknown vectors "outside of the Form API." | ||||
| CVE-2012-1633 | 2 Drupal, Erikwebb | 2 Drupal, Password Policy | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote attackers to hijack the authentication of administrative users for requests that unblock a user. | ||||
| CVE-2010-3026 | 1 Tomaz-muraus | 1 Open Blog | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests to admin/users/edit that grant administrative privileges. | ||||
| CVE-2012-1636 | 2 Drupal, Luke Herrington | 2 Drupal, Stickynote | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of users for requests that delete stickynotes via unspecified vectors. | ||||
| CVE-2011-2908 | 1 Redhat | 6 Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform, Jboss Enterprise Portal Platform and 3 more | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the JMX Console (jmx-console) in JBoss Enterprise Portal Platform before 5.2.2, BRMS Platform 5.3.0 before roll up patch1, and SOA Platform 5.3.0 allows remote authenticated users to hijack the authentication of arbitrary users for requests that perform operations on MBeans and possibly execute arbitrary code via unspecified vectors. | ||||
| CVE-2012-1631 | 2 Databasepublish, Drupal | 2 Admin\, Drupal | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Admin:hover module for Drupal allows remote attackers to hijack the authentication of administrators for requests that unpublish all nodes, and possibly other actions, via unspecified vectors. | ||||
| CVE-2012-1237 | 1 Icz | 1 Sencha Sns | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2012-1236 | 1 Janetter | 1 Janetter | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter before 3.3.0.0 (aka 3.3.0) allow remote attackers to hijack the authentication of arbitrary users for requests that (1) tweet, (2) upload an image file, or (3) execute arbitrary commands. | ||||
| CVE-2012-1235 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0235. | ||||
| CVE-2012-1227 | 1 Pluck-cms | 1 Pluck | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that (1) modify the admin email address or (2) modify the blog title via a settings action; (3) add a page via an editpage action, or (4) add a categorie via the blog module. | ||||