Export limit exceeded: 359063 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9333 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-4066 | 1 Fortinet | 1 Fortiweb | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via unspecified vectors. | ||||
| CVE-2016-3653 | 1 Symantec | 1 Endpoint Protection Manager | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users. | ||||
| CVE-2016-1228 | 2 Ntt-east, Ntt-west | 12 Pr-400mi, Pr-400mi Firmware, Rt-400mi and 9 more | 2025-04-12 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability on NTT EAST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1006 and earlier and NTT WEST Hikari Denwa routers with firmware PR-400MI, RT-400MI, and RV-440MI 07.00.1005 and earlier allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2016-1201 | 1 Lockon | 1 Ec-cube | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 3.0.0 through 3.0.9 allows remote attackers to hijack the authentication of administrators. | ||||
| CVE-2016-1175 | 1 Sharp | 2 Aquos Hn-pp150, Aquos Hn-pp150 Firmware | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2014-2390 | 1 Mcafee | 1 Network Security Manager | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the User Management module in McAfee Network Security Manager (NSM) before 6.1.15.39 7.1.5.x before 7.1.5.15, 7.1.15.x before 7.1.15.7, 7.5.x before 7.5.5.9, and 8.x before 8.1.7.3 allows remote attackers to hijack the authentication of users for requests that modify user accounts via unspecified vectors. | ||||
| CVE-2016-1174 | 1 Hiniarata | 1 Casebook Plugin | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators. | ||||
| CVE-2016-1172 | 1 Hiniarata | 1 Casebook Plugin | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators. | ||||
| CVE-2014-2340 | 1 Xcloner | 1 Xcloner | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the XCloner plugin before 3.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that create website backups via a request to wp-admin/plugins.php. | ||||
| CVE-2014-2330 | 1 Check Mk Project | 1 Check Mk | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Multisite GUI in Check_MK before 1.2.5i2 allow remote attackers to hijack the authentication of users for requests that (1) upload arbitrary snapshots, (2) delete arbitrary files, or possibly have other unspecified impact via unknown vectors. | ||||
| CVE-2014-2327 | 3 Cacti, Debian, Opensuse | 3 Cacti, Debian Linux, Opensuse | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that (1) modify binary files, (2) modify configurations, or (3) add arbitrary users. | ||||
| CVE-2015-2248 | 1 Sonicwall | 1 Remote Access Firmware | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark. | ||||
| CVE-2016-1168 | 1 Aterm | 2 Wf800hp, Wf800hp Firmware | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2016-1167 | 1 Aterm | 2 Wg300hp, Wg300hp Firmware | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2013-0301 | 1 Owncloud | 2 Owncloud, Owncloud Server | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in apps/calendar/ajax/settings/settimezone in ownCloud before 4.0.12 allows remote attackers to hijack the authentication of users for requests that change the timezone via the timezone parameter. | ||||
| CVE-2015-2293 | 1 Yoast | 1 Wordpress Seo | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before 1.7.4 for WordPress allow remote attackers to hijack the authentication of certain users for requests that conduct SQL injection attacks via the (1) order_by or (2) order parameter in the wpseo_bulk-editor page. | ||||
| CVE-2014-2178 | 1 Cisco | 7 Rv120w, Rv120w Firmware, Rv180 and 4 more | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the administrative web interface in the Cisco RV router firmware on RV220W devices, before 1.0.5.9 on RV120W devices, and before 1.0.4.14 on RV180 and RV180W devices allows remote attackers to hijack the authentication of administrators, aka Bug ID CSCuh87145. | ||||
| CVE-2014-2152 | 1 Cisco | 1 Prime Infrastructure | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the INSERT page in Cisco Prime Infrastructure (PI) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun21868. | ||||
| CVE-2016-1158 | 1 Corega | 4 Cg-wlbargmh, Cg-wlbargmh Firmware, Cg-wlbargnl and 1 more | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH and CG-WLBARGNL devices allows remote attackers to hijack the authentication of administrators for requests that perform administrative functions. | ||||
| CVE-2016-1151 | 1 Cybozu | 1 Office | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Cybozu Office 9.9.0 through 10.3.0 allow remote attackers to hijack the authentication of arbitrary users. | ||||