Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:54 p.m.7 views

CVE-2020-19886

DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for an /index.php?dbhcmspid=-80=9 can delete any menu...

8.1CVSS7.1AI score0.00439EPSS
Exploits1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.26 views

CVE-2025-2247 WP-PManager <= 1.2 - Category Deletion via CSRF

The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...

0.00142EPSS
Exploits1References1
OSV
OSV
added 2025/03/31 3:40 p.m.11 views

CVE-2025-29929 Tuleap is missing CSRF protection on tracker hierarchy administration

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protection on tracker hierarchy administration. An attacker could use this vulnerability to trick victims into submitting or editing artifacts or follow-up comments. This...

4.6CVSS6.7AI score0.00184EPSS
Exploits0References6
NVD
NVD
added 2024/12/18 9:15 p.m.16 views

CVE-2024-56140

Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware allows requests to bypass CSRF checks. When the security.checkOrigin configuration option is set to true, Astro middleware will perform a CSRF check. However, a vulnerability...

6.5CVSS0.00213EPSS
Exploits0References4
CVE
CVE
added 2024/11/07 12:0 a.m.52 views

CVE-2020-11919

CVE-2020-11919 affects Siime Eye 14.1.00000001.3.330.0.0.3.14 and is due to missing CSRF protection. The CVSSv3.1 vector indicates ADJACENT access, no privileges, user interaction required, and high impact on confidentiality, integrity, and availability (base score 8.0). Connected sources corrobo...

8CVSS7.2AI score0.00332EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2017/09/21 12:0 a.m.9 views

PT-2017-12429 · Cisco · Cisco Unified Intelligence Center

Name of the Vulnerable Software and Affected Versions: Cisco Unified Intelligence Center affected versions not specified Description: A lack of cross-site request forgery CSRF protection in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted...

8.8CVSS8.9AI score0.01168EPSS
Exploits0References5
Rows per page
Query Builder