Search Results (9419 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-4837 1 Smod 1 Smodbip 2024-11-21 8.8 High
SmodBIP is vulnerable to Cross-Site Request Forgery, that could be used to induce logged in users to perform unintended actions, including creation of additional accounts with administrative privileges. This issue affects all versions of SmodBIP. SmodBIP is no longer maintained and the vulnerability will not be fixed.
CVE-2023-4824 1 Bdaia 1 Woohoo Newspaper Magazine Theme 2024-11-21 8.8 High
The WooHoo Newspaper Magazine theme does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
CVE-2023-4659 1 Free5gc 1 Free5gc 2024-11-21 9.8 Critical
Cross-Site Request Forgery vulnerability, whose exploitation could allow an attacker to perform different actions on the platform as an administrator, simply by changing the token value to "admin". It is also possible to perform POST, GET and DELETE requests without any token value. Therefore, an unprivileged remote user is able to create, delete and modify users within theapplication.
CVE-2023-4455 1 Wallabag 1 Wallabag 2024-11-21 6.5 Medium
Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.
CVE-2023-4454 1 Wallabag 1 Wallabag 2024-11-21 5.7 Medium
Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.
CVE-2023-4301 1 Jenkins 1 Fortify 2024-11-21 4.2 Medium
A cross-site request forgery (CSRF) vulnerability in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2023-49448 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/nav/delete.
CVE-2023-49447 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.
CVE-2023-49446 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/save.
CVE-2023-49398 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/delete.
CVE-2023-49397 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/updateStatus.
CVE-2023-49396 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/save.
CVE-2023-49395 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/category/update.
CVE-2023-49383 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/save.
CVE-2023-49382 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/delete.
CVE-2023-49381 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/update.
CVE-2023-49380 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/delete.
CVE-2023-49379 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /admin/friend_link/save.
CVE-2023-49378 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/form/save.
CVE-2023-49377 1 Jfinalcms Project 1 Jfinalcms 2024-11-21 8.8 High
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update.