• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-20577

February 26, 2023 by

Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/firewall_SPI.exe, cgi-bin/setup_remote_mgmt.exe, cgi-bin/setup_pass.exe, and cgi-bin/upgradep.exe CSRF. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardware 02, and Arcadyan ARV7519RW22-A-L T VR9 1.2.

CVE-2018-20582

February 26, 2023 by

The GREE+ (aka com.gree.greeplus) application 1.4.0.8 for Android suffers from Cross Site Request Forgery.

CVE-2018-20419

February 26, 2023 by

DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an administrator account.

CVE-2018-20228

February 26, 2023 by

Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF.

CVE-2018-20231

February 26, 2023 by

Cross Site Request Forgery (CSRF) in the two-factor-authentication plugin before 1.3.13 for WordPress allows remote attackers to disable 2FA via the tfa_enable_tfa parameter due to missing nonce validation.

CVE-2018-20188

February 26, 2023 by

FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator account.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 44
  • Go to page 45
  • Go to page 46
  • Go to page 47
  • Go to page 48
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE