Total
8840 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-3957 | 1 Kimai | 1 Kimai 2 | 2024-11-21 | 4.3 Medium |
| kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3944 | 1 Bookstackapp | 1 Bookstack | 2024-11-21 | 6.8 Medium |
| bookstack is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3932 | 1 Area17 | 1 Twill | 2024-11-21 | 4.3 Medium |
| twill is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3931 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 4.3 Medium |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3921 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3901 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 8.8 High |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3900 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 6.5 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3858 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 8.8 High |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3819 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 8.8 High |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3776 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 5.4 Medium |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3775 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 5.4 Medium |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3734 | 1 Yourls | 1 Yourls | 2024-11-21 | 8.8 High |
| yourls is vulnerable to Improper Restriction of Rendered UI Layers or Frames | ||||
| CVE-2021-3730 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 6.5 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3729 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3728 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 6.5 Medium |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3683 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 6.5 Medium |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | ||||
| CVE-2021-3133 | 1 Sean-barton | 1 Elementor Contact Form Db | 2024-11-21 | 6.5 Medium |
| The Elementor Contact Form DB plugin before 1.6 for WordPress allows CSRF via backend admin pages. | ||||
| CVE-2021-39394 | 1 Mm-wiki Project | 1 Mm-wiki | 2024-11-21 | 6.5 Medium |
| mm-wiki v0.2.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add user accounts and modify user information. | ||||
| CVE-2021-39243 | 1 Altus | 30 Hadron Xtorm Hx3040, Hadron Xtorm Hx3040 Firmware, Nexto Nx3003 and 27 more | 2024-11-21 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) exists on Altus Nexto, Nexto Xpress, and Hadron Xtorm devices via any CGI endpoint. This affects Nexto NX3003 1.8.11.0, Nexto NX3004 1.8.11.0, Nexto NX3005 1.8.11.0, Nexto NX3010 1.8.3.0, Nexto NX3020 1.8.3.0, Nexto NX3030 1.8.3.0, Nexto NX5100 1.8.11.0, Nexto NX5101 1.8.11.0, Nexto NX5110 1.1.2.8, Nexto NX5210 1.1.2.8, Nexto Xpress XP300 1.8.11.0, Nexto Xpress XP315 1.8.11.0, Nexto Xpress XP325 1.8.11.0, Nexto Xpress XP340 1.8.11.0, and Hadron Xtorm HX3040 1.7.58.0. | ||||
| CVE-2021-39209 | 1 Glpi-project | 1 Glpi | 2024-11-21 | 8.8 High |
| GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, a user who is logged in to GLPI can bypass Cross-Site Request Forgery (CSRF) protection in many places. This could allow a malicious actor to perform many actions on GLPI. This issue is fixed in version 9.5.6. There are no workarounds aside from upgrading. | ||||