• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-13407

February 26, 2023 by

A CSRF issue was discovered in Jirafeau before 3.4.1. The “delete file” feature on the admin panel is not protected against automated requests and could be abused.

CVE-2018-13340

February 26, 2023 by

Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request.

CVE-2018-13067

February 26, 2023 by

/upload/catalog/controller/account/password.php in OpenCart through 3.0.2.0 has CSRF via the index.php?route=account/password URI to change a user’s password.

CVE-2018-13010

February 26, 2023 by

WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&c=Users&a=edit URI to add a user account.

CVE-2018-13031

February 26, 2023 by

DamiCMS v6.0.0 aand 6.1.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account.

CVE-2018-13032

February 26, 2023 by

ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 78
  • Go to page 79
  • Go to page 80
  • Go to page 81
  • Go to page 82
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE