• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2020-7201

February 26, 2023 by

A potential security vulnerability has been identified in the HPE StoreEver MSL2024 Tape Library and HPE StoreEver 1/8 G2 Tape Autoloaders. The vulnerability could be remotely exploited to allow Cross-site Request Forgery (CSRF).

CVE-2020-7210

February 26, 2023 by

Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.

CVE-2020-7029

February 26, 2023 by

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1.

CVE-2020-7005

February 26, 2023 by

In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable to a cross-site request forgery, which may allow an attacker to remotely execute arbitrary code.

CVE-2020-6844

February 26, 2023 by

In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts.

CVE-2020-6849

February 26, 2023 by

The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 108
  • Go to page 109
  • Go to page 110
  • Go to page 111
  • Go to page 112
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE