• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2019-16719

February 26, 2023 by

WTCMS 1.0 allows index.php?g=admin&m=index&a=index CSRF with resultant XSS.

CVE-2019-16721

February 26, 2023 by

NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as demonstrated by deleting the admin user.

CVE-2019-16658

February 26, 2023 by

TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF.

CVE-2019-16659

February 26, 2023 by

TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF.

CVE-2019-16660

February 26, 2023 by

joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&tab=vodplay CSRF.

CVE-2019-16667

February 26, 2023 by

diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or txtRecallBuffer field, as demonstrated by executing OS commands. This occurs because csrf_callback() produces a “CSRF token expired” error and a Try Again button when a CSRF token is missing.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 208
  • Go to page 209
  • Go to page 210
  • Go to page 211
  • Go to page 212
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE