• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-6391

February 26, 2023 by

A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings.

CVE-2018-6408

February 26, 2023 by

An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrator password or adding a new administrator account.

CVE-2018-6357

February 26, 2023 by

The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant social_widget_icon_array_order XSS.

CVE-2018-6288

February 26, 2023 by

Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1.

CVE-2018-6224

February 26, 2023 by

A lack of cross-site request forgery (CSRF) protection vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to submit authenticated requests to a user browsing an attacker-controlled domain.

CVE-2018-6023

February 26, 2023 by

Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 35
  • Go to page 36
  • Go to page 37
  • Go to page 38
  • Go to page 39
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE