Search Results (9378 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-4839 1 Ibm 1 Tririga Application Platform 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in birtviewer.query in IBM TRIRIGA Application Platform 3.2 and 3.3 before 3.3.0.2, 3.3.1 before 3.3.1.3, 3.3.2 before 3.3.2.2, and 3.4 before 3.4.0.1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVE-2015-0895 1 Tips And Tricks Hq 1 All In One Wordpress Security And Firewall 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the All In One WP Security & Firewall plugin before 3.9.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete logs of 404 (aka Not Found) HTTP status codes.
CVE-2016-5671 1 Crestron 2 Dm-txrx-100-str, Dm-txrx-100-str Firmware 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities on Crestron Electronics DM-TXRX-100-STR devices with firmware through 1.3039.00040 allow remote attackers to hijack the authentication of arbitrary users.
CVE-2015-0541 1 Rsa 1 Web Threat Detection 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2013-3083 1 Belkin 1 F5d8236-4 V2 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2 allows remote attackers to hijack the authentication of administrators for requests that open the remote management interface on arbitrary ports via the remote_mgmt_enabled and remote_mgmt_port parameters.
CVE-2014-6214 1 Ibm 1 Websphere Portal 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVE-2015-1894 1 Ibm 1 Optim Workload Replay 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVE-2014-8523 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2016-3009 1 Ibm 1 Connections 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the Connections generic page.
CVE-2014-8521 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-4069 2 Opensuse, Roundcube 2 Leap, Webmail 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
CVE-2014-2186 1 Cisco 1 Webex Meetings Server 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco WebEx Meetings Server allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj81777.
CVE-2015-6468 1 Resource Data Management Data Manager 1 Data Manager 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Resource Data Management Data Manager before 2.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2016-1228 2 Ntt-east, Ntt-west 12 Pr-400mi, Pr-400mi Firmware, Rt-400mi and 9 more 2025-04-12 8.8 High
Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the authentication of arbitrary users.
CVE-2015-0736 1 Cisco 1 Mediasense 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728.
CVE-2013-2692 1 Openvpn 1 Openvpn Access Server 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users.
CVE-2013-2693 1 Wp-plugins 1 Wp-print 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the Options in the WP-Print plugin before 2.52 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unspecified vectors.
CVE-2015-5075 1 X2engine 1 X2crm 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM before 5.2 allows remote attackers to hijack the authentication of administrators for requests that create an administrative account via a crafted request to index.php/users/create.
CVE-2014-2989 1 Open Assessment Technologies 1 Tao 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Open Assessment Technologies TAO 2.5.6 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts via a request to Users/add.
CVE-2014-100025 1 Savsoft Technologies 1 Savsoft Quiz 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request.