Export limit exceeded: 10341 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10341 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-6883 1 Cru-inc 2 Ditto Forensic Fieldstation, Ditto Forensic Fieldstation Firmware 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors.
CVE-2013-6852 1 Hp 1 2620-24-poe\+ Switch 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative password via the setPassword method.
CVE-2013-6826 1 Fortinet 7 Fortianalyzer-1000d, Fortianalyzer-2000b, Fortianalyzer-200d and 4 more 2025-04-11 N/A
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks.
CVE-2013-6797 1 Sunil Nanda 1 Blue Wrench Video Widget 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in bluewrench-video-widget.php in the Blue Wrench Video Widget plugin before 2.0.0 for WordPress allows remote attackers to hijack the authentication of administrators for requests that embed arbitrary URLs via the bw_url parameter in the bw-videos page to wp-admin/admin.php, as demonstrated by embedding a URL to a JavaScript file.
CVE-2013-2305 1 Cybozu 3 Cybozu Dezie, Cybozu Office, Mailwise 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.
CVE-2013-6710 1 Cisco 1 Webex Training Center 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567.
CVE-2011-1397 1 Ibm 6 Maximo Asset Management, Maximo Asset Management Essentials, Maximo Service Desk and 3 more 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the Labor Reporting page in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2011-1403 1 Mahara 1 Mahara 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3.6 allows remote attackers to hijack the authentication of arbitrary users for requests to any form, related to inappropriate regeneration of session keys.
CVE-2012-3028 1 Siemens 2 Simatic Pcs7, Wincc 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that modify data or cause a denial of service.
CVE-2012-2999 1 Cerberusftp 1 Ftp Server 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface in Cerberus FTP Server before 5.0.5.0 allow remote attackers to hijack the authentication of administrators for requests that (1) add a user account or (2) reconfigure the state of the FTP service, as demonstrated by a request to usermanager/users/modify.
CVE-2012-2959 1 Bmc 1 Identity Management Suite 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in password-manager/changePasswords.do in BMC Identity Management Suite 7.5.00.103 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
CVE-2013-1414 1 Fortinet 30 Fortigate-1000c, Fortigate-100d, Fortigate-110c and 27 more 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Fortinet FortiOS on FortiGate firewall devices before 4.3.13 and 5.x before 5.0.2 allow remote attackers to hijack the authentication of administrators for requests that modify (1) settings or (2) policies, or (3) restart the device via a rebootme action to system/maintenance/shutdown.
CVE-2013-6192 1 Hp 1 Operations Orchestration 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration before 9 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2012-2734 2 Redhat, Trevor Mckay 2 Enterprise Mrg, Cumin 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allow remote attackers to hijack the authentication of arbitrary users for requests that execute commands via unspecified vectors.
CVE-2012-6434 1 E107 1 E107 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) download_url, (2) download_url_extended, (3) download_author_email, (4) download_author_website, (5) download_image, (6) download_thumb, (7) download_visible, or (8) download_class parameter.
CVE-2011-3293 1 Cisco 1 Secure Access Control Server 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.2 allow remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, aka Bug ID CSCtr78143.
CVE-2011-3201 3 Gnome, Oracle, Redhat 6 Evolution, Solaris, Enterprise Linux and 3 more 2025-04-11 N/A
GNOME Evolution before 3.2.3 allows user-assisted remote attackers to read arbitrary files via the attachment parameter to a mailto: URL, which attaches the file to the email.
CVE-2012-0235 1 Advantech 1 Advantech Webaccess 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2012-6493 1 Rapid7 1 Nexpose 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
CVE-2012-1897 1 Wolfcms 1 Wolf Cms 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via the user id number to admin/user/delete; (2) delete pages via the page id number to admin/page/delete; delete the (3) images or (4) themes directory via the directory name to admin/plugin/file_manager/delete, and possibly other directories; or (5) logout the user via a request to admin/login/logout.