Total
9103 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7281 | 1 Readynet Solutions | 2 Wrt300n-dd, Wrt300n-dd Firmware | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2014-4716 | 1 Thomson | 1 Twg87ouir | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Thomson TWG87OUIR allows remote attackers to hijack the authentication of unspecified victims for requests that change passwords via the Password and PasswordReEnter parameters to goform/RgSecurity. | ||||
| CVE-2015-7284 | 1 Zyxel | 2 Nbg-418n, Nbg-418n Firmware | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users. | ||||
| CVE-2014-4636 | 1 Emc | 1 Documentum Wdk | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to hijack the authentication of arbitrary users for requests that perform Docbase operations. | ||||
| CVE-2015-4252 | 1 Cisco | 1 Telepresence Isdn Gw 3241 | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with software 2.2(1.106) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90724. | ||||
| CVE-2015-4242 | 1 Cisco | 1 Firesight System Software | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0 in FireSIGHT Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu94721. | ||||
| CVE-2014-4510 | 1 Debian | 1 Apt-cacher | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in job.cc in apt-cacher-ng 0.7.26 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2014-4333 | 1 Boonex | 1 Dolphin | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in administration/profiles.php in Dolphin 7.1.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the members[] parameter, related to CVE-2014-3810. | ||||
| CVE-2014-4188 | 1 Hitachi | 2 Jp1\/performance Management-manager Web Option, Tuning Manager | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Hitachi Tuning Manager before 7.6.1-06 and 8.x before 8.0.0-04 and JP1/Performance Management - Manager Web Option 07-00 through 07-54 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2015-3624 | 1 Ektron | 1 Ektron Content Management System | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Test/WorkArea/DmsMenu/menuActions/MenuActions.aspx in Ektron Content Management System (CMS) before 9.10 SP1 (Build 9.1.0.184.1.120) allows remote attackers to hijack the authentication of content administrators for requests that delete content via a delete action. | ||||
| CVE-2014-4155 | 1 Zte | 2 Zxv10 W300, Zxv10 W300 Firmware | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to Forms/tools_admin_1. | ||||
| CVE-2015-3382 | 1 Insite | 1 Node Basket | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Node basket module for Drupal allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add or (2) remove nodes from a basket via unspecified vectors. | ||||
| CVE-2015-3380 | 1 Funnymonkey | 1 Feature Set | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Feature Set module for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable or (2) disable a module via unspecified vectors. | ||||
| CVE-2015-3375 | 1 Niif | 1 Shibboleth Authentication | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors. | ||||
| CVE-2015-3367 | 1 Patterns | 1 Patterns | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Patterns module before 7.x-2.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) restore, (2) publish, or (3) unpublish a pattern via unspecified vectors. | ||||
| CVE-2014-4030 | 1 Longtailvideo | 1 Jw Player For Flash \& Html5 Video Plugin | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the JW Player plugin before 2.1.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that remove players via a delete action to wp-admin/admin.php. | ||||
| CVE-2015-3366 | 1 Alfresco | 1 Alfresco | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Alfresco module before 6.x-1.3 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete an alfresco node via unspecified vectors. | ||||
| CVE-2014-3920 | 1 Kanboard | 1 Kanboard | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Kanboard before 1.0.6 allows remote attackers to hijack the authentication of administrators for requests that add an administrative user via a save action to the default URI. | ||||
| CVE-2015-3363 | 1 Joshics | 1 Contact Form Fields | 2025-04-12 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Contact Form Fields module before 6.x-2.3 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete fields via unspecified vectors. | ||||
| CVE-2015-3351 | 1 Log Watcher Project | 1 Log Watcher | 2025-04-12 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the Log Watcher module before 6.x-1.2 for Drupal allow remote attackers to hijack the authentication of administrators for requests that (1) enable, (2) disable, or (3) delete a report via unspecified vectors. | ||||