Export limit exceeded: 365349 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 16515 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (9423 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-0207 2 Drupal, Leighton Whiting 2 Drupal, Mark Complete 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the Mark Complete module 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-3491 2 Mdolon, Wordpress 2 Sharebar, Wordpress 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Sharebar plugin 1.2.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add or (2) modify buttons, or (3) insert cross-site scripting (XSS) sequences.
CVE-2012-1216 1 Pbboard 1 Pbboard 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that (1) upload a file via an add action or (2) change the contents of a file via a dit action.
CVE-2013-5427 1 Ibm 2 Infosphere Master Data Management Collaboration Server, Infosphere Master Data Management Server For Product Information Management 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP8 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2012-0748 1 Ibm 1 Rational Team Concert 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in unspecified services in IBM Rational Team Concert (RTC) 4.x before 4.0.0.1 allow remote attackers to hijack the authentication of arbitrary users for requests that modify work items.
CVE-2012-0730 1 Ibm 1 Rational Appscan 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 allow remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
CVE-2012-6493 1 Rapid7 1 Nexpose 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console before 5.5.4 allows remote attackers to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
CVE-2012-6134 1 Omniauth-oauth2 Project 1 Omniauth-oauth2 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in the omniauth-oauth2 gem 1.1.1 and earlier for Ruby allows remote attackers to hijack the authentication of users for requests that modify session state.
CVE-2012-5950 1 Ibm 1 Tririga Application Platform 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in IBM TRIRIGA Application Platform 2.x and 3.x before 3.3, and 8, allow remote attackers to hijack the authentication of arbitrary users for requests that modify data records via vectors involving (1) the html/en/default/ directory or (2) sqa/html/en/default/process/comm/saveProps.jsp.
CVE-2012-0314 1 Emobile 2 Pocket Wifi, Pocket Wifi Firmware 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities on the eAccess Pocket WiFi (aka GP02) router before 2.00 with firmware 11.203.11.05.168 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) initialize settings or (2) reboot the device.
CVE-2012-3294 1 Ibm 2 Websphere Mq, Websphere Mq Managed File Transfer 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Web Gateway component in IBM WebSphere MQ File Transfer Edition 7.0.4 and earlier, and WebSphere MQ - Managed File Transfer 7.5, allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add user accounts via the /wmqfteconsole/Filespaces URI, (2) modify permissions via the /wmqfteconsole/FileSpacePermisssions URI, or (3) add MQ Message Descriptor (MQMD) user accounts via the /wmqfteconsole/UploadUsers URI.
CVE-2011-5131 1 Mybb 1 Mybb 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter.
CVE-2011-5011 1 Xt-commerce 1 Xt-commerce 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in xt:Commerce 3.0.4 SP2.1 and possibly earlier allow remote attackers to hijack the authentication of Admins for requests that (1) set a New user to Admin via the cID parameter to a statusconfirm action in admin/customers.php and (2) grant permissions to users via the cID parameter to a save action in admin/accounting.php.
CVE-2013-3690 1 Brickcom 7 100ap Device Firmware, Fb-100ap, Md-100ap and 4 more 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in cgi-bin/users.cgi in Brickcom FB-100Ap, WCB-100Ap, MD-100Ap, WFB-100Ap, OB-100Ae, OSD-040E, and possibly other camera models with firmware 3.1.0.8 and earlier, allows remote attackers to hijack the authentication of administrators for requests that add users.
CVE-2013-3605 1 Trivantis 1 Coursemill Learning Management System 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in Coursemill Learning Management System (LMS) 6.6 allows remote attackers to hijack the authentication of arbitrary users via vectors related to cookies.
CVE-2013-3583 1 Corporater 1 Epm Suite 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in saveProperties.html in Corporater EPM Suite allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.
CVE-2013-3513 1 Gwos 1 Groundwork Monitor 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) store XSS sequences or (2) delete entries.
CVE-2011-3668 1 Mozilla 1 Bugzilla 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports.
CVE-2012-5556 2 Drupal, Restful Web Services Project 2 Drupal, Restful Web Services 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to hijack the authentication of arbitrary users via unknown vectors.
CVE-2012-5547 2 Drupal, Thomas Seidl 2 Drupal, Search Api 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in the Search API module 7.x-1.x before 7.x-1.3 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable a server via a server action or (2) enable a search index via an enable index action.