ReportizFlow
Filtered by vendor
Subscriptions
Total
8869 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-4056 | 1 Ibm | 1 Infosphere Information Server | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Data Quality Console and Information Analyzer components in IBM InfoSphere Information Server 8.7 through FP2 and 9.1 through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2013-2628 | 1 Idleman | 1 Leed | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in action.php in Leed (Light Feed), possibly before 1.5 Stable, allow remote attackers to hijack the authentication of administrators for unspecified requests, related to the lack of an anti-CSRF token. | ||||
| CVE-2013-5494 | 1 Cisco | 2 Unified Meetingplace, Unified Meetingplace Web Conferencing | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674. | ||||
| CVE-2012-2097 | 2 Drupal, Larry Garfield | 2 Drupal, Autosave | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Autosave module 6.x before 6.x-2.10 and 7.x-2.x before 7.x-2.0 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests involving "submitting saved results to a node." | ||||
| CVE-2013-6852 | 1 Hp | 1 2620-24-poe\+ Switch | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative password via the setPassword method. | ||||
| CVE-2012-5005 | 1 Frankdeveloper | 1 Vr Gpub | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in admin/admin_options.php in VR GPub 4.0 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an add action. | ||||
| CVE-2011-4281 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Moodle 2.0.x before 2.0.2 allow remote attackers to hijack the authentication of arbitrary users for requests that mark the completion of (1) an activity or (2) a course. | ||||
| CVE-2011-4298 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary users for requests that modify wiki data. | ||||
| CVE-2012-2056 | 2 Drupal, Nathan Brink | 2 Drupal, Content Lock | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Content Lock module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-7256 | 1 Opsview | 1 Opsview | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2011-4947 | 1 E107 | 1 E107 | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the user_include parameter. | ||||
| CVE-2012-0317 | 1 Sixapart | 1 Movable Type | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting feature or (2) community script. | ||||
| CVE-2012-1237 | 1 Icz | 1 Sencha Sns | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2013-3690 | 1 Brickcom | 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users. | ||||
| CVE-2013-7204 | 1 Conceptronic | 2 Cipcamptiwl, Cipcamptiwl 1.0 Firmware | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in set_users.cgi in Conceptronic CIPCAMPTIWL Camera 1.0 with firmware 21.37.2.49 allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. | ||||
| CVE-2012-4084 | 1 Cisco | 1 Unified Computing System | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web-management interface in the fabric interconnect (FI) component in Cisco Unified Computing System (UCS) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCtg20755. | ||||
| CVE-2012-4431 | 2 Apache, Redhat | 6 Tomcat, Jboss Data Grid, Jboss Enterprise Application Platform and 3 more | 2025-04-11 | N/A |
| org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.32 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier. | ||||
| CVE-2012-2128 | 1 Andreas Gohr | 1 Dokuwiki | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. NOTE: this issue has been disputed by the vendor, who states that it is resultant from CVE-2012-2129: "the exploit code simply uses the XSS hole to extract a valid CSRF token." | ||||
| CVE-2012-3799 | 2 Blaine Lang, Drupal | 2 Maestro, Drupal | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Maestro module 7.x-1.x before 7.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) change workflows or (2) insert cross-site scripting (XSS) sequences. | ||||
| CVE-2012-1921 | 1 Sitecom | 1 Wlm-2501 | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 allows remote attackers to hijack the authentication of administrators for requests that change the router passphrase via the pskValue parameter. | ||||