Total
7923 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-6100 | 1 Ibm | 2 Disposal And Governance Management For It, Global Retention Policy And Schedule Management | 2025-04-20 | N/A |
IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 2000771. | ||||
CVE-2016-4909 | 1 Cybozu | 1 Garoon | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote attackers to hijack the authentication of a logged in user to force a logout via unspecified vectors. | ||||
CVE-2016-4928 | 1 Juniper | 1 Junos Space | 2025-04-20 | N/A |
Cross site request forgery vulnerability in Junos Space before 15.2R2 allows remote attackers to perform certain administrative actions on Junos Space. | ||||
CVE-2017-11350 | 1 Axesstel | 2 Mu553s, Mu553s Firmware | 2025-04-20 | N/A |
Cross-Site Request Forgery (CSRF) exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices. | ||||
CVE-2017-11680 | 1 Project Hashtopussy | 1 Hashtopussy | 2025-04-20 | N/A |
Cross-Site Request Forgery (CSRF) exists in Hashtopussy 0.4.0, allowing an admin password change via users.php. | ||||
CVE-2016-9730 | 1 Ibm | 2 Qradar Incident Forensics, Qradar Security Information And Event Manager | 2025-04-20 | N/A |
IBM QRadar Incident Forensics 7.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 1999549. | ||||
CVE-2016-5401 | 1 Redhat | 2 Jboss Bpm Suite, Jboss Enterprise Brms Platform | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page. | ||||
CVE-2016-4879 | 1 Basercms | 2 Basercms, Mail | 2025-04-20 | 8.8 High |
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2016-4887 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Uploader version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2016-4885 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Feed version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2016-4881 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2017-7404 | 1 Dlink | 1 Dir-615 | 2025-04-20 | 8.8 High |
On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). An attacker can host a page that sends a POST request to Form2File.htm that tries to upload Firmware to victim's Router. This causes the router to reboot/crash resulting in Denial of Service. An attacker may succeed in uploading malicious Firmware. | ||||
CVE-2016-4886 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2017-2138 | 1 Cs-cart | 2 Cs-cart, Cs-cart Multivendor | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2016-4882 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2016-1261 | 1 Juniper | 1 Junos | 2025-04-20 | N/A |
J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS). | ||||
CVE-2016-4891 | 1 Setucocms Project | 1 Setucocms | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors. | ||||
CVE-2016-4878 | 1 Basercms | 1 Basercms | 2025-04-20 | N/A |
Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
CVE-2016-3403 | 1 Synacor | 1 Zimbra Collaboration Suite | 2025-04-20 | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Zimbra Collaboration before 8.6.0 Patch 8 allow remote attackers to hijack the authentication of administrators for requests that (1) add, (2) modify, or (3) remove accounts by leveraging failure to use of a CSRF token and perform referer header checks, aka bugs 100885 and 100899. | ||||
CVE-2016-8917 | 1 Ibm | 1 Sterling Selling And Fulfillment Foundation | 2025-04-20 | N/A |
IBM Sterling Order Management 9.2 - 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #: 2000943. |