• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-20595

February 26, 2023 by

A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful.

CVE-2018-20598

February 26, 2023 by

UCMS 1.4.7 has ?do=user_addpost CSRF.

CVE-2018-20603

February 26, 2023 by

Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF.

CVE-2018-20612

February 26, 2023 by

UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF.

CVE-2018-20613

February 26, 2023 by

TEMMOKU T1.09 Beta allows admin/user/add CSRF.

CVE-2018-20576

February 26, 2023 by

Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cgi-bin/phone_test.exe CSRF, leading to arbitrary outbound telephone calls to an attacker-specified telephone number. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 43
  • Go to page 44
  • Go to page 45
  • Go to page 46
  • Go to page 47
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE