• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2020-10490

February 26, 2023 by

CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.

CVE-2020-10241

February 26, 2023 by

An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF.

CVE-2020-10229

February 26, 2023 by

A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator’s behalf, such as uploading files, adding users, and deleting accounts.

CVE-2020-10181

February 26, 2023 by

goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_useradministrator123456 request.

CVE-2020-10057

February 26, 2023 by

GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which “token” is used as a CSRF protection mechanism, but without validation that “token” is associated with an administrative user.

CVE-2019-9926

February 26, 2023 by

An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 173
  • Go to page 174
  • Go to page 175
  • Go to page 176
  • Go to page 177
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE