PT-2026-36120

A Cross-Site Request Forgery CSRF vulnerability exists in the web management interface of the U-SPEED N300 Rounter V1.0.0. The device does not implement CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft ...

EUVD-2015-6593

Malware in sbrugna...

WordPress Plugin W3 Total Cache Cross-Site Request Forgery Vulnerability

WordPress is a set of blogging platform developed by WordPress Software Foundation using PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.W3 Total Cache plugin is a rare and superb plugin that helps you do a lot of things to optimize your blog, such as...

CVE-2013-6028

Multiple cross-site request forgery CSRF vulnerabilities in Atmail Webmail Server before 7.2 allow remote attackers to hijack the authentication of administrators for requests that 1 add user accounts, 2 modify user accounts, 3 delete user accounts, or 4 stop the product's service...

CVE-2008-7221

Cross-site request forgery CSRF vulnerability in RunCMS 1.6.1 allows remote attackers to hijack the authentication of administrators for requests that 1 add new administrators or 2 modify user profiles via a crafted request to system/admin.php...