Export limit exceeded: 10347 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10347 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2014-7957 1 Pods Foundation 1 Pods 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Pods plugin before 2.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) conduct cross-site scripting (XSS) attacks via the toggled parameter in a toggle action in the pods-components page to wp-admin/admin.php, (2) delete a pod in a delete action in the pods page to wp-admin/admin.php, (3) reset pod settings and data via the pods_reset parameter in the pod-settings page to wp-admin/admin.php, (4) deactivate and reset pod data via the pods_reset_deactivate parameter in the pod-settings page to wp-admin/admin.php, (5) delete the admin role via the id parameter in a delete action in the pods-component-roles-and-capabilities page to wp-admin/admin.php, or (6) enable "roles and capabilities" in a toggle action in the pods-components page to wp-admin/admin.php.
CVE-2016-6158 1 Huawei 2 Ws331a Router, Ws331a Router Firmware 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei WS331a routers with software before WS331a-10 V100R001C01B112 allow remote attackers to hijack the authentication of administrators for requests that (1) restore factory settings or (2) reboot the device via unspecified vectors.
CVE-2014-8246 1 Broadcom 1 Release Automation 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in CA Release Automation (formerly iTKO LISA Release Automation) before 4.7.1 b448 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2014-8331 1 Huawei 2 E3236 Firmware, E3276 Firmware 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Huawei HiLink E3236 before E3276sTCPU-V200R002B470D13SP00C00 and E3276sWebUI-V100R007B100D03SP01C03 and E3276 before E3236sTCPU-V200R002B146D41SP00C00 and E3236sWebUI-V100R007B100D03SP01C03 allow remote attackers to hijack the authentication of administrators for requests that (1) change configuration settings or (2) use device functions.
CVE-2014-8521 1 Mcafee 1 Network Data Loss Prevention 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-7465 1 Ibm 1 Jazz Reporting Service 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVE-2015-0115 1 Ibm 1 Leads 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to hijack the authentication of customer accounts.
CVE-2015-4281 1 Cisco 1 Webex Meetings Server 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146.
CVE-2015-4256 1 Cisco 1 Telepresence Ip Vcr 3.0 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP VCR devices with software 3.0(1.27) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90736.
CVE-2015-4255 1 Cisco 1 Telepresence Ip Gateway 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP Gateway devices with software 2.0(3.34) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90734.
CVE-2015-4254 1 Cisco 1 Telepresence Advanced Media Gateway 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Advanced Media Gateway devices with software 1.1(1.40) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90732.
CVE-2015-4253 1 Cisco 1 Telepresence Serial Gateway 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Serial Gateway devices with software 1.0(1.42) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90728.
CVE-2015-4242 1 Cisco 1 Firesight System Software 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721.
CVE-2015-4119 1 Ispconfig 1 Ispconfig 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administrator account via a request to admin/users_edit.php or (2) arbitrary users for requests that conduct SQL injection attacks via the server parameter to monitor/show_sys_state.php.
CVE-2015-0213 1 Moodle 1 Moodle 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editcategories.php in the Glossary module in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2.8.2 allow remote attackers to hijack the authentication of unspecified victims.
CVE-2016-0386 1 Ibm 1 Tririga Application Platform 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.4, and 3.5 before 3.5.0.2 allows remote authenticated users to hijack the authentication of administrators for requests that delete employees.
CVE-2015-0542 1 Emc 1 Rsa Archer Egrc 2025-04-12 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 allow remote attackers to hijack the authentication of arbitrary users.
CVE-2015-0588 1 Cisco 1 Unified Communications Domain Manager 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055.
CVE-2015-3388 1 Balanced 1 Commerce Balanced Payments 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete the user's configured bank accounts via unspecified vectors.
CVE-2015-3370 1 Node Invite Project 1 Node Invite 2025-04-12 N/A
Cross-site request forgery (CSRF) vulnerability in the Node Invite module before 6.x-2.5 for Drupal allows remote attackers to hijack the authentication of users with the "node_invite_can_manage_invite" permission for requests that re-enable node invitations via unspecified vectors.