• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2018-11096

February 26, 2023 by

Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target’s account information remotely.

CVE-2018-11126

February 26, 2023 by

dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account.

CVE-2018-11127

February 26, 2023 by

e107 2.1.7 has CSRF resulting in arbitrary user deletion.

CVE-2018-11018

February 26, 2023 by

An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html.

CVE-2018-10957

February 26, 2023 by

CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password. hedwig.cgi and pigwidgeon.cgi are two of the affected components.

CVE-2018-1098

February 26, 2023 by

A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can’t PUT from an HTML form or such) but POST allows creating in-order keys that an attacker can send.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 87
  • Go to page 88
  • Go to page 89
  • Go to page 90
  • Go to page 91
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE