Export limit exceeded: 336799 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9568 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6180 | 1 Keekoonvision | 2 Kk002 Ip Camera, Kk002 Ip Camera Firmware | 2025-04-20 | N/A |
| Keekoon KK002 devices 1.8.12 HD have a Cross Site Request Forgery Vulnerability affecting goform/formChnUserPwd and goform/formUserMng (and the entire set of other pages). | ||||
| CVE-2017-5891 | 1 Asus | 2 Rt-ac1750, Rt-ac1750 Firmware | 2025-04-20 | N/A |
| ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF. | ||||
| CVE-2017-5874 | 2 D-link, Dlink | 2 Dir-600m Firmware, Dir-600m | 2025-04-20 | N/A |
| CSRF exists on D-Link DIR-600M Rev. Cx devices before v3.05ENB01_beta_20170306. This can be used to bypass authentication and insert XSS sequences or possibly have unspecified other impact. | ||||
| CVE-2017-5476 | 1 S9y | 1 Serendipity | 2025-04-20 | N/A |
| Serendipity through 2.0.5 allows CSRF for the installation of an event plugin or a sidebar plugin. | ||||
| CVE-2017-5475 | 1 S9y | 1 Serendipity | 2025-04-20 | N/A |
| comment.php in Serendipity through 2.0.5 allows CSRF in deleting any comments. | ||||
| CVE-2017-5473 | 1 Ntop | 1 Ntopng | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua. | ||||
| CVE-2017-4998 | 1 Emc | 1 Rsa Archer Egrc | 2025-04-20 | N/A |
| EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. A remote low privileged attacker may potentially exploit the vulnerability to execute unauthorized requests on behalf of the victim, using the authenticated user's privileges. | ||||
| CVE-2017-2138 | 1 Cs-cart | 2 Cs-cart, Cs-cart Multivendor | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2017-2102 | 1 Ipa | 1 Appgoat | 2025-04-20 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2017-2097 | 1 Support-project | 1 Knowledge | 2025-04-20 | 8.8 High |
| Cross-site request forgery (CSRF) vulnerability in Knowledge versions prior to v1.7.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | ||||
| CVE-2017-17939 | 1 Single Theater Booking Script Project | 1 Single Theater Booking Script | 2025-04-20 | N/A |
| PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php. | ||||
| CVE-2017-17936 | 1 Vanguard Project | 1 Marketplace Digital Products Php | 2025-04-20 | N/A |
| Vanguard Marketplace Digital Products PHP has CSRF via /search. | ||||
| CVE-2017-17930 | 1 Ordermanagementscript | 1 Professional Service Script | 2025-04-20 | N/A |
| PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. | ||||
| CVE-2017-17908 | 1 Responsive Realestate Script Project | 1 Responsive Realestate Script | 2025-04-20 | N/A |
| PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general. | ||||
| CVE-2017-17905 | 1 Car Rental Script Project | 1 Car Rental Script | 2025-04-20 | N/A |
| PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. | ||||
| CVE-2017-17903 | 1 Fortunescripts | 1 Lynda Clone | 2025-04-20 | N/A |
| FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel. | ||||
| CVE-2017-17894 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2025-04-20 | N/A |
| Readymade Job Site Script has CSRF via the /job URI. | ||||
| CVE-2017-17891 | 1 Readymade Video Sharing Script Project | 1 Readymade Video Sharing Script | 2025-04-20 | N/A |
| Readymade Video Sharing Script has CSRF via user-profile-edit.php. | ||||
| CVE-2017-17830 | 1 Doditsolutions | 1 Bus Booking Script | 2025-04-20 | N/A |
| Bus Booking Script has CSRF via admin/new_master.php. | ||||
| CVE-2017-1746 | 1 Ibm | 1 Jazz For Service Management | 2025-04-20 | N/A |
| IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 135519. | ||||