Search Results (9431 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-4024 1 Genetechsolutions 1 Pie Register 2025-04-17 6.5 Medium
The Registration Forms WordPress plugin before 3.8.1.3 does not have authorisation and CSRF when deleting users via an init action handler, allowing unauthenticated attackers to delete arbitrary users (along with their posts)
CVE-2025-31723 1 Jenkins 1 Simple Queue 2025-04-17 4.3 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins Simple Queue Plugin 1.4.6 and earlier allows attackers to change and reset the build queue order.
CVE-2025-1762 1 Vollstart 1 Event Tickets With Ticket Scanner 2025-04-17 4.3 Medium
The Event Tickets with Ticket Scanner WordPress plugin before 2.5.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2024-55088 1 Getsimple-ce 1 Getsimple Cms 2025-04-17 8.8 High
GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin module.
CVE-2024-27694 1 Flycms Project 1 Flycms 2025-04-16 7.4 High
FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the /system/share/ztree_category_edit.
CVE-2021-32929 1 Uffizio 1 Gps Tracker 2025-04-16 4.3 Medium
All versions of Uffizio GPS Tracker may allow an attacker to perform unintended actions on behalf of a user.
CVE-2021-43937 1 Smartptt 1 Scada Server 2025-04-16 7.6 High
Elcomplus SmartPTT SCADA Server web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
CVE-2025-25379 1 07fly 1 07flycms 2025-04-15 9.6 Critical
Cross Site Request Forgery vulnerability in 07FLYCMS v.1.3.9 allows a remote attacker to execute arbitrary code via the id parameter of the del.html component.
CVE-2024-57611 1 07fly 1 07flycms 2025-04-15 3.5 Low
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/doAdminAction.php?act=editShop&shopId.
CVE-2024-57159 1 07fly 1 07flycms 2025-04-15 3.5 Low
07FLYCMS V1.3.9 was discovered to contain a Cross-Site Request Forgery (CSRF) via /erp.07fly.net:80/oa/OaWorkReport/add.html.
CVE-2022-29468 1 Wwbn 1 Avideo 2025-04-15 8.8 High
A cross-site request forgery (CSRF) vulnerability exists in WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to increased privileges. An attacker can get an authenticated user to send a crafted HTTP request to trigger this vulnerability.
CVE-2024-34957 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/sysImages_deal.php?mudi=infoSet.
CVE-2024-34958 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 6.5 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/banner_deal.php?mudi=add
CVE-2024-35011 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close.
CVE-2024-35012 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 6.3 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close.
CVE-2024-35039 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 3.8 Low
idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area.
CVE-2024-35108 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/homePro_deal.php?mudi=del&dataType=&dataTypeCN.
CVE-2024-35109 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 6.5 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /homePro_deal.php?mudi=add&nohrefStr=close.
CVE-2024-36670 1 Idccms 1 Idccms 2025-04-15 8.8 High
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del
CVE-2024-39019 2 Idccms, Idccms Project 2 Idccms, Idccms 2025-04-15 5.4 Medium
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/idcProData_deal.php?mudi=del