Export limit exceeded: 10231 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10231 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-8144 | 1 Doorkeeper Project | 1 Doorkeeper | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in doorkeeper before 1.4.1 allows remote attackers to hijack the authentication of unspecified victims for requests that read a user OAuth authorization code via unknown vectors. | ||||
| CVE-2014-8773 | 1 Modx | 1 Modx Revolution | 2025-04-12 | N/A |
| MODX Revolution 2.x before 2.2.15 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism by (1) omitting the CSRF token or via a (2) long string in the CSRF token parameter. | ||||
| CVE-2015-5991 | 1 Philippine Long Distance Telephone | 4 Kasda Kw58293, Kasda Kw58293 Firmware, Speedsurf 504an and 1 more | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN devices with firmware GAN9.8U26-4-TX-R6B018-PH.EN and Kasda KW58293 devices allows remote attackers to hijack the authentication of administrators for requests that perform setup operations, as demonstrated by modifying network settings. | ||||
| CVE-2015-6262 | 1 Cisco | 1 Prime Infrastructure | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2(0.103) and 2.0(0.0) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCum49054 and CSCum49059. | ||||
| CVE-2015-0542 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 allow remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2015-0588 | 1 Cisco | 1 Unified Communications Domain Manager | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo77055. | ||||
| CVE-2015-0596 | 1 Cisco | 1 Webex Meetings Server | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj67163. | ||||
| CVE-2015-0651 | 1 Cisco | 1 Application Networking Manager | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisco Application Networking Manager (ANM), and Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances, allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuo99753. | ||||
| CVE-2015-0700 | 1 Cisco | 1 Secure Access Control Server Solution Engine | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuj62924. | ||||
| CVE-2015-0705 | 1 Cisco | 1 Unified Meetingplace | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the SOAP API endpoints of the web-services directory in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts, aka Bug ID CSCus97494. | ||||
| CVE-2015-0735 | 1 Cisco | 1 Unified Customer Voice Portal | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Unified Customer Voice Portal (CVP) 10.5(1) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut93970. | ||||
| CVE-2015-0736 | 1 Cisco | 1 Mediasense | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu16728. | ||||
| CVE-2015-0741 | 1 Cisco | 1 Hosted Collaboration Solution | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(1) and earlier allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCut04596. | ||||
| CVE-2015-0759 | 1 Cisco | 1 Headend Digital Broadband Delivery System | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2015-1424 | 1 Jakweb | 1 Gecko Cms | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Gecko CMS 2.2 and 2.3 allows remote attackers to hijack the authentication of administrators for requests that add an administrator user via a newuser request to admin/index.php. | ||||
| CVE-2015-1432 | 1 Phpbb | 1 Phpbb | 2025-04-12 | N/A |
| The message_options function in includes/ucp/ucp_pm_options.php in phpBB before 3.0.13 does not properly validate the form key, which allows remote attackers to conduct CSRF attacks and change the full folder setting via unspecified vectors. | ||||
| CVE-2015-1485 | 1 Symantec | 1 Data Loss Prevention | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators. | ||||
| CVE-2015-1771 | 1 Microsoft | 1 Exchange Server | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allows remote attackers to hijack the authentication of arbitrary users, aka "Exchange Cross-Site Request Forgery Vulnerability." | ||||
| CVE-2015-1894 | 1 Ibm | 1 Optim Workload Replay | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Optim Workload Replay 2.x before 2.1.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | ||||
| CVE-2015-2759 | 1 Mcafee | 1 Data Loss Prevention Endpoint | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3 Patch 4 Hotfix 16 (9.3.416.4) allow remote attackers to hijack the authentication of users for requests that (1) obtain sensitive information or (2) modify the database via unspecified vectors. | ||||