• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2022-2762

February 23, 2023 by godfreyd94

The AdminPad WordPress plugin before 2.2 does not have CSRF check when updating admin’s note, allowing attackers to make a logged in admin update their notes via a CSRF attack

CVE-2022-27340

February 23, 2023 by godfreyd94

MCMS v5.2.7 contains a Cross-Site Request Forgery (CSRF) via /role/saveOrUpdateRole.do. This vulnerability allows attackers to escalate privileges and modify data.

CVE-2022-27374

February 23, 2023 by godfreyd94

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_42E328 at /goform/SysToolReboot.

CVE-2022-27375

February 23, 2023 by godfreyd94

Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via the function sub_422168 at /goform/WifiExtraSet.

CVE-2022-27432

February 23, 2023 by godfreyd94

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover.

CVE-2022-27174

February 23, 2023 by godfreyd94

Cross-site request forgery (CSRF) vulnerability in Easy Blog for EC-CUBE4 Ver.1.0.1 and earlier allows a remote unauthenticated attacker to hijack the authentication of the administrator and delete a blog article or a category via a specially crafted page.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 378
  • Go to page 379
  • Go to page 380
  • Go to page 381
  • Go to page 382
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE