• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2020-10734

February 26, 2023 by

A vulnerability was found in keycloak in the way that the OIDC logout endpoint does not have CSRF protection. Versions shipped with Red Hat Fuse 7, Red Hat Single Sign-on 7, and Red Hat Openshift Application Runtimes are believed to be vulnerable.

CVE-2020-10671

February 26, 2023 by

The Canon Oce Colorwave 500 4.0.0.0 printer’s web application is missing any form of CSRF protections. This is a system-wide issue. An attacker could perform administrative actions by targeting a logged-in administrative user. NOTE: this is fixed in the latest version.

CVE-2020-10568

February 26, 2023 by

The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings.

CVE-2020-10491

February 26, 2023 by

CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.

CVE-2020-10492

February 26, 2023 by

CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.

CVE-2020-10493

February 26, 2023 by

CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 168
  • Go to page 169
  • Go to page 170
  • Go to page 171
  • Go to page 172
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE