• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-11405

February 26, 2023 by

Kliqqi 2.0.2 has CSRF in admin/admin_users.php.

CVE-2018-11406

February 26, 2023 by

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user’s session is invalidated when the user is logged out. This behavior can be disabled through the invalidate_session option. In this case, CSRF tokens were not erased during logout which allowed for CSRF token fixation.

CVE-2018-11427

February 26, 2023 by

CSRF tokens are not used in the web application of Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior, which makes it possible to perform CSRF attacks on the device administrator.

CVE-2018-11371

February 26, 2023 by

SkyCaiji 1.2 allows CSRF to add an Administrator user.

CVE-2018-11349

February 26, 2023 by

The administration panel of Jirafeau before 3.4.1 is vulnerable to three CSRF attacks on search functionalities: search_by_name, search_by_hash, and search_link.

CVE-2018-11092

February 26, 2023 by

An issue was discovered in the Admin Notes plugin 1.1 for MyBB. CSRF allows an attacker to remotely delete all admin notes via an admin/index.php?empty=table (aka Clear Table) action.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 86
  • Go to page 87
  • Go to page 88
  • Go to page 89
  • Go to page 90
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE