9 matches found

ATTACKERKB
added 2026/06/18 6:07 a.m. · 5 views

CVE-2026-55745

Cotonti 1.0.0 (master branch, commit f43f1fc3) is vulnerable to Cross-Site Request Forgery in the Personal File Storage (PFS) module. In modules/pfs/inc/pfs.editfolder.php, the folder update action 'a=update' updates folder metadata (title, description, public/gallery flags) without calling cot_check_xg ...

5.4 CVSS · 5.3 AI score · 0.00116 EPSS
Exploits 0 · References 3 · Affected Software 1

RedhatCVE
added 2026/01/29 3:18 p.m. · 16 views

CVE-2025-59891

Cross-Site Request Forgery (CSRF) vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5 CVSS · 5.9 AI score · 0.00127 EPSS
Exploits 0 · References 1

OSV
added 2021/09/20 10:15 a.m. · 3 views

CVE-2021-24618

The Donate With QRCode WordPress plugin before 1.4.5 does not sanitise or escape its QRCode Image setting, which results in a Stored Cross-Site Scripting (XSS). Furthermore, the plugin also does not have any CSRF and capability checks in place when saving such setting, allowing any authenticated...

5.4 CVSS · 5.8 AI score · 0.00374 EPSS
Exploits 2 · References 1

OSV
added 2020/07/02 7:15 p.m. · 2 views

DEBIAN-CVE-2020-8166

A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token...

4.3 CVSS · 6 AI score · 0.01673 EPSS
Exploits 1 · References 1

UbuntuCve
added 2020/07/02 7:15 p.m. · 30 views

CVE-2020-8166

A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token...

4.3 CVSS · 6.7 AI score · 0.01673 EPSS
Exploits 1 · References 3

CVE
added 2020/07/02 6:35 p.m. · 248 views

CVE-2020-8166

CVE-2020-8166 is a CSRF forgery vulnerability in Ruby on Rails (affecting Rails < 5.2.5 and Rails

4.3 CVSS · 4.5 AI score · 0.01673 EPSS
Exploits 1 · References 3 · Affected Software 1

Vulnrichment
added 2020/07/02 6:35 p.m. · 2 views

CVE-2020-8166

A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token...

6.2 AI score · 0.01673 EPSS
Exploits 1 · References 3

RedhatCVE
added 2020/06/02 5:53 p.m. · 39 views

CVE-2020-8166

A flaw was found in rubygem-actionpack. Forgery of a per-form CSRF token is possible, allowing for any action to take place for that session. The highest threat from this vulnerability is to data integrity...

4.3 CVSS · 2.7 AI score · 0.01673 EPSS
Exploits 1 · References 3

Positive Technologies
added 2020/05/26 12:00 a.m. · 13 views

PT-2020-19995 · Ruby On Rails +3 · Rails +3

Name of the Vulnerable Software and Affected Versions:
rails versions prior to 5.2.5
rails versions prior to 6.0.4

Description: A CSRF forgery issue exists that allows an attacker to forge a per-form CSRF token given a global CSRF token, such as the one present in the authenticity token meta tag...

9.8 CVSS · 7.5 AI score · 0.98507 EPSS
Exploits 52 · References 184