• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-20971

February 26, 2023 by

The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.

CVE-2018-20972

February 26, 2023 by

The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.

CVE-2018-20974

February 26, 2023 by

The js-jobs plugin before 1.0.7 for WordPress has CSRF.

CVE-2018-20872

February 26, 2023 by

DrayTek routers before 2018-05-23 allow CSRF attacks to change DNS or DHCP settings, a related issue to CVE-2017-11649.

CVE-2018-20848

February 26, 2023 by

Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddie_ajout.php and en/achat/caddie_affichage.php, as demonstrated by an XSS payload in the couleurId[0] parameter to the latter.

CVE-2018-20816

February 26, 2023 by

An XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the “add dashboard pages” feature where users can receive a malicious attack through a phished URL, with script executed.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 41
  • Go to page 42
  • Go to page 43
  • Go to page 44
  • Go to page 45
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE