Total
9128 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5216 | 1 Hp | 3 Procurve Switch 1700-24, Procurve Switch 1700-8, Procurve Switch Software | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability on HP ProCurve 1700-8 (aka J9079A) switches with software before VA.02.09 and 1700-24 (aka J9080A) switches with software before VB.02.09 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2012-2056 | 2 Drupal, Nathan Brink | 2 Drupal, Content Lock | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Content Lock module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2011-0277 | 1 Hp | 1 Power Manager | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts. | ||||
| CVE-2012-5450 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) 1.11.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deld parameter. | ||||
| CVE-2011-0629 | 1 Adobe | 1 Coldfusion | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Adobe ColdFusion 8.0, 8.0.1, 9.0, and 9.0.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2012-2080 | 2 Drupal, Node Limit Number Project | 2 Drupal, Node Limitnumber | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Node Limit Number module before 6.x-1.2 for Drupal allows remote attackers to hijack the authentication of users with the administer node limitnumber permission for requests that delete limits. | ||||
| CVE-2011-2191 | 1 Cherokee-project | 1 Cherokee | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply. | ||||
| CVE-2012-3256 | 1 Hp | 1 Business Availability Center | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2012-3028 | 1 Siemens | 2 Simatic Pcs7, Wincc | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service. | ||||
| CVE-2011-0642 | 1 Network-13 | 1 N-13 News | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication of administrators for requests that create new users via the options action. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2012-5542 | 2 Drupal, Pedro Cambra | 2 Drupal, Commerce Extra Panes | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Commerce Extra Panes module 7.x-1.x before 7.x-1.1 in Drupal allows remote attackers to hijack the authentication of administrators for requests that enable or disable a Commerce extra panes pane via unspecified vectors related to "the link to reorder items." | ||||
| CVE-2012-6508 | 1 Netartmedia | 1 Car Portal | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change arbitrary user passwords via a nouveau action in the security module to cars/ADMIN/index.php; (2) create a user or (3) create a sub user via a sub_accounts action in the home module to USERS/index.php; or (4) change profile information via an edit action in the profile module to USERS/index.php. | ||||
| CVE-2011-0643 | 1 Phplinkdirectory | 1 Php Link Directory | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the authentication of administrators for requests that add an administrator via the N action. | ||||
| CVE-2009-4827 | 1 Scriptez | 1 Mail Manager Pro | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in admin.php in Mail Manager Pro allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a change action. | ||||
| CVE-2011-0748 | 1 Tincan | 1 Phplist | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in phpList before 2.10.13 allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) edit administrator accounts. | ||||
| CVE-2012-2734 | 2 Redhat, Trevor Mckay | 2 Enterprise Mrg, Cumin | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors. | ||||
| CVE-2011-0746 | 1 Zyxel | 1 O2 Dsl Router Classic | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Forms/PortForwarding_Edit_1 on the ZyXEL O2 DSL Router Classic allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the PortRule_Name parameter. | ||||
| CVE-2010-2231 | 1 Moodle | 1 Moodle | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of arbitrary users for requests that delete quiz attempts via the attemptid parameter. | ||||
| CVE-2012-1057 | 2 Drupal, Sean Robertson | 2 Drupal, Forward | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that increase node rankings via the tracking code, possibly related to improper "flood control." | ||||
| CVE-2012-5547 | 2 Drupal, Thomas Seidl | 2 Drupal, Search Api | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable a server via a server action or (2) enable a search index via an enable index action. | ||||