Total
9130 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3513 | 1 Gwos | 1 Groundwork Monitor | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) store XSS sequences or (2) delete entries. | ||||
| CVE-2011-2191 | 1 Cherokee-project | 1 Cherokee | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply. | ||||
| CVE-2013-4000 | 1 Ibm | 1 Cognos Command Center | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Cognos Command Center before 10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) start or (2) stop services. | ||||
| CVE-2013-4050 | 1 Ibm | 1 Lotus Domino | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in webadmin.nsf in Domino Web Administrator in IBM Domino 8.5 and 9.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2012-0317 | 1 Sixapart | 1 Movable Type | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting feature or (2) community script. | ||||
| CVE-2012-0308 | 1 Symantec | 1 Messaging Gateway | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to hijack the authentication of administrators. | ||||
| CVE-2013-4056 | 1 Ibm | 1 Infosphere Information Server | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Data Quality Console and Information Analyzer components in IBM InfoSphere Information Server 8.7 through FP2 and 9.1 through 9.1.2.0 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2012-0303 | 1 Symantec | 1 Message Filter | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Brightmail Control Center in Symantec Message Filter 6.3 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) execute application commands or (2) create admin accounts. | ||||
| CVE-2012-2056 | 2 Drupal, Nathan Brink | 2 Drupal, Content Lock | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Content Lock module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-5313 | 1 Bigtreecms | 1 Bigtree Cms | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in core/admin/modules/users/update.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to hijack the authentication of administrators for requests that modify arbitrary user accounts via an edit user action. | ||||
| CVE-2013-5316 | 1 Ritecms | 1 Ritecms | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in RiteCMS 1.0.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via an edit user action to cms/index.php. | ||||
| CVE-2013-4911 | 1 Siemens | 1 Wincc | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Siemens WinCC (TIA Portal) 11 and 12 before 12 SP1 allows remote attackers to hijack the authentication of unspecified victims by leveraging improper configuration of SIMATIC HMI panels by the WinCC product. | ||||
| CVE-2012-1843 | 2 Dell, Quantum | 7 Powervault Ml6000, Powervault Ml6000 Firmware, Powervault Ml6010 and 4 more | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in saveRestore.htm on the Quantum Scalar i500 tape library with firmware before i7.0.3 (604G.GS00100), also distributed as the Dell ML6000 tape library with firmware before A20-00 (590G.GS00100), allows remote attackers to hijack the authentication of users for requests that execute Linux commands via the fileName parameter, related to a "command-injection vulnerability." | ||||
| CVE-2013-5355 | 1 Sharetronix | 1 Sharetronix | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Sharetronix 3.1.1 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) create new administrative users via unspecified vectors. | ||||
| CVE-2013-6192 | 1 Hp | 1 Operations Orchestration | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-5494 | 1 Cisco | 2 Unified Meetingplace, Unified Meetingplace Web Conferencing | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674. | ||||
| CVE-2013-6346 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-6710 | 1 Cisco | 1 Webex Training Center | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567. | ||||
| CVE-2012-2077 | 2 Drupal, Rob Loach | 2 Drupal, Sharethis | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the ShareThis module 7.x-2.x before 7.x-2.3 for Drupal allows remote attackers to hijack the authentication of users with administer sharethis permissions via unknown vectors "outside of the Form API." | ||||
| CVE-2011-5195 | 1 Public Knowledge Project | 1 Open Conference Systems | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Conference Systems 2.3.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload a PHP file. | ||||