• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2021-42228

February 23, 2023 by

A Cross Site Request Forgery (CSRF) vulnerability exists in KindEditor 4.1.x, as demonstrated by examples/uploadbutton.html.

CVE-2021-42097

February 23, 2023 by

GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin (e.g., for account takeover).

CVE-2021-41916

February 23, 2023 by

A Cross-Site Request Forgery (CSRF) vulnerability in webTareas version 2.4 and earlier allows a remote attacker to create a new administrative profile and add a new user to the new profile. without the victim’s knowledge, by enticing an authenticated admin user to visit an attacker’s web page.

CVE-2021-41764

February 23, 2023 by

A cross-site request forgery (CSRF) vulnerability exists in Streama up to and including v1.10.3. The application does not have CSRF checks in place when performing actions such as uploading local files. As a result, attackers could make a logged-in administrator upload arbitrary local files via a CSRF attack and send them to the attacker.

CVE-2021-4168

February 23, 2023 by

showdoc is vulnerable to Cross-Site Request Forgery (CSRF)

CVE-2021-4162

February 23, 2023 by

archivy is vulnerable to Cross-Site Request Forgery (CSRF)

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 252
  • Go to page 253
  • Go to page 254
  • Go to page 255
  • Go to page 256
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE