• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2019-13477

February 26, 2023 by

In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account.

CVE-2019-13497

February 26, 2023 by

One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF for logout requests.

CVE-2019-13516

February 26, 2023 by

In OSIsoft PI Web API and prior, the affected product is vulnerable to a direct attack due to a cross-site request forgery protection setting that has not taken effect.

CVE-2019-13363

February 26, 2023 by

admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter. This is exploitable via CSRF.

CVE-2019-13364

February 26, 2023 by

admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF.

CVE-2019-13370

February 26, 2023 by

index.php/admin/permissions in Ignited CMS through 2017-02-19 allows CSRF to add an administrator.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 223
  • Go to page 224
  • Go to page 225
  • Go to page 226
  • Go to page 227
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE