| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) |
| archivy is vulnerable to Cross-Site Request Forgery (CSRF) |
| A vulnerability was found in the Linux kernel's block_invalidatepage in fs/buffer.c in the filesystem. A missing sanity check may allow a local attacker with user privilege to cause a denial of service (DOS) problem. |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) |
| yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF) |
| pimcore is vulnerable to Cross-Site Request Forgery (CSRF) |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) |
| kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) |
| A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts. |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) |
| JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administrator REST API. This issue affects: JFrog JFrog Artifactory JFrog Artifactory versions before 7.31.10 versions prior to 7.x; JFrog Artifactory versions before 6.23.38 versions prior to 6.x. |
| phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality. |
| A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads to RCE. |
| An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials. |
| A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses. |
| An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37.1. MassEditRegex allows CSRF. |
