• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-16337

February 26, 2023 by

An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website’s basic configuration via upload/admin.php/setting/save.

CVE-2018-16338

February 26, 2023 by

An issue was discovered in AuraCMS 2.3. There is a CSRF vulnerability that can change the administrator’s password via admin.php?mod=users and subsequently add a page or menu, or submit a topic.

CVE-2018-16339

February 26, 2023 by

An issue was discovered in EmpireCMS 7.0. There is a CSRF vulnerability that can add administrators via upload/e/admin/user/AddUser.php?enews=AddUser.

CVE-2018-16218

February 26, 2023 by

A CSRF (Cross Site Request Forgery) in the web interface of the Yeahlink Ultra-elegant IP Phone SIP-T41P firmware version 66.83.0.35 allows a remote attacker to trigger code execution or settings modification on the device by providing a crafted link to the victim.

CVE-2018-1622

February 26, 2023 by

IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144348.

CVE-2018-16136

February 26, 2023 by

An issue was discovered in the administrator interface in IPBRICK OS 6.3. The application doesn’t check for Anti-CSRF tokens, allowing the submission of multiple forms unwillingly by a victim.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 64
  • Go to page 65
  • Go to page 66
  • Go to page 67
  • Go to page 68
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE