Total
7480 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-5328 | 1 User Access Manager Project | 1 User Access Manager | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The user-access-manager plugin before 1.2 for WordPress has CSRF. | |||||
| CVE-2011-5250 | 1 Prophecyinternational | 1 Snare | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Snare for Linux before 1.7.0 has CSRF in the web interface. | |||||
| CVE-2011-4952 | 1 Cobblerd | 1 Cobbler | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| cobbler: Web interface lacks CSRF protection when using Django framework | |||||
| CVE-2011-3612 | 1 Usebb | 1 Usebb | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12. | |||||
| CVE-2011-3609 | 1 Redhat | 1 Jboss Application Server | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker. | |||||
| CVE-2011-3582 | 1 Anelectron | 1 Advanced Electron Forums | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions. | |||||
| CVE-2011-2934 | 1 Websitebaker | 1 Websitebaker | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions. | |||||
| CVE-2011-1085 | 1 Smoothwall | 1 Smoothwall Express | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| CSRF vulnerability in Smoothwall Express 3. | |||||
| CVE-2011-0525 | 1 Batavi | 1 Batavi | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Batavi before 1.0 has CSRF. | |||||
| CVE-2010-4241 | 1 Tiki | 1 Tikiwiki Cms\/groupware | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Tiki Wiki CMS Groupware 5.2 has CSRF | |||||
| CVE-2010-3305 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin password. | |||||
| CVE-2024-52401 | 2024-11-20 | N/A | 9.6 CRITICAL | ||
| Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4. | |||||
| CVE-2024-52424 | 1 Sureshkumar | 1 Wp-login Customizer | 2024-11-20 | N/A | 7.1 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Suresh Kumar wp-login customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through 1.0. | |||||
| CVE-2024-51640 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Matt Rude MDR Webmaster Tools allows Stored XSS.This issue affects MDR Webmaster Tools: from n/a through 1.1. | |||||
| CVE-2024-51656 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in litefeel Flash Show And Hide Box allows Stored XSS.This issue affects Flash Show And Hide Box: from n/a through 1.6. | |||||
| CVE-2024-51654 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in APK.Support APK Downloader allows Stored XSS.This issue affects APK Downloader: from n/a through 1.0.0. | |||||
| CVE-2024-51645 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Themefuse ThemeFuse Maintenance Mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through 1.1.3. | |||||
| CVE-2024-51632 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow allows Stored XSS.This issue affects SH Slideshow: from n/a through 4.3. | |||||
| CVE-2024-51639 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog allows Stored XSS.This issue affects Naver Blog: from n/a through 1.0. | |||||
| CVE-2024-51635 | 2024-11-19 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading allows Stored XSS.This issue affects While Loading: from n/a through 3.0. | |||||