CVE-2021-36443

Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification...

SuiteCRM Cross-Site Request Forgery Vulnerability

SuiteCRM is a customer relationship management system from the SuiteCRM Suitecrm team.SuiteCRM has a cross-site request forgery vulnerability in versions prior to 7.11.21, which stems from the software's lack of token validation for cross-site request forgery. If the ZIP archive file contains PHP...

Cross-Site Request Forgery (CSRF) in pkp/omp

✍️ Description Attacker or malicious user is able to delete any user profile photo if a logged in user visits attacker website. because lack of CSRF token 🕵️‍♂️ Proof of Concept 1.when you logged in open this POC.html in a browser 2.you can check unintentionally your profile photo deleted...

Cross-Site Request Forgery (CSRF) in e107inc/e107

✍️ Description Attacker or malicious user is able to delete all caches if a logged in user visits attacker website. because lack of CSRF token. 🕵️‍♂️ Proof of Concept 1.when you logged in open this POC.html in a browser 2.you can check unintentionally all caches are cleared //POC.html...

CVE-2017-7951

WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context...

Ilch CMS Cross Site Request Forgery

Affected software: Ilch cms Type of vulnerability: csrf URL: http://www.ilch.de/ Discovered by: Provensec Website: http://www.provensec.com Description: Ilch cms profile field csrf Proof of concept http://demo.opensourcecms.com/ilch/admin.php?profilefields online demo Above field was vulnerable t...