Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-1927 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-1927)
vulnerability in csrf (CVE-2025-1927). Data can be tampered with by attackers.
|
| CVE-2025-11022 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11022)
vulnerability in csrf (CVE-2025-11022). Successful exploitation can lead to full system takeover.
|
| CVE-2025-13296 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-13296)
vulnerability in csrf (CVE-2025-13296). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-56400 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-56400)
vulnerability in csrf (CVE-2025-56400). Successful exploitation can lead to full system takeover.
|
| CVE-2025-56009 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-56009)
vulnerability in csrf (CVE-2025-56009). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60535 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-60535)
vulnerability in csrf (CVE-2025-60535). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-60956 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-60956)
vulnerability in csrf (CVE-2025-60956). Successful exploitation can lead to full system takeover.
|
| CVE-2025-0610 |
|
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
|
| CVE-2025-50847 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-50847)
vulnerability in csrf (CVE-2025-50847). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-50586 |
|
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
|
| CVE-2024-11142 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-11142)
vulnerability in csrf (CVE-2024-11142). Successful exploitation can lead to full system takeover.
|
| CVE-2025-26570 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-26570)
vulnerability in csrf (CVE-2025-26570). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-26569 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-26569)
vulnerability in csrf (CVE-2025-26569). Risk of unauthorized operations or information disclosure.
|
| CVE-2024-57523 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-57523)
vulnerability in csrf (CVE-2024-57523). Data can be tampered with by attackers.
|
| CVE-2024-37774 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-37774)
vulnerability in csrf (CVE-2024-37774). Successful exploitation can lead to full system takeover.
|
| CVE-2023-6676 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-6676)
vulnerability in csrf (CVE-2023-6676). Successful exploitation can lead to full system takeover.
|
| CVE-2023-47322 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47322)
vulnerability in csrf (CVE-2023-47322). Successful exploitation can lead to full system takeover.
|
| CVE-2023-47326 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47326)
vulnerability in csrf (CVE-2023-47326). Successful exploitation can lead to full system takeover.
|
| CVE-2023-45992 |
|
Cross-Site Scripting (XSS) in csrf (CVE-2023-45992)
cross-site scripting in csrf (CVE-2023-45992). Successful exploitation can lead to full system takeover.
|
| CVE-2023-45815 |
|
Cross-Site Scripting (XSS) in archivebox (CVE-2023-45815)
cross-site scripting in archivebox (CVE-2023-45815). Confidential information can be exposed externally. Mitigation: upgrade to `0.9.0` or later.
|
| CVE-2023-43278 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-43278)
vulnerability in csrf (CVE-2023-43278). Successful exploitation can lead to full system takeover.
|
| CVE-2023-39061 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-39061)
vulnerability in csrf (CVE-2023-39061). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-40488 |
|
ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).
ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).
|
| CVE-2022-43340 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-43340)
vulnerability in csrf (CVE-2022-43340). Successful exploitation can lead to full system takeover.
|
| CVE-2018-14519 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2018-14519)
vulnerability in csrf (CVE-2018-14519). Risk of unauthorized operations or information disclosure.
|
| CVE-2022-26173 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-26173)
vulnerability in csrf (CVE-2022-26173). Successful exploitation can lead to full system takeover.
|
| CVE-2020-19964 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-19964)
vulnerability in csrf (CVE-2020-19964). Data can be tampered with by attackers.
|
| CVE-2020-20586 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-20586)
vulnerability in csrf (CVE-2020-20586). Data can be tampered with by attackers.
|
| CVE-2021-31659 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2021-31659)
vulnerability in csrf (CVE-2021-31659). Successful exploitation can lead to full system takeover.
|
| CVE-2021-26216 |
|
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
|
| CVE-2021-26215 |
|
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
|
| CVE-2020-35273 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-35273)
vulnerability in csrf (CVE-2020-35273). Successful exploitation can lead to full system takeover.
|
| CVE-2020-23451 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-23451)
vulnerability in csrf (CVE-2020-23451). Successful exploitation can lead to full system takeover.
|
| CVE-2020-15711 |
|
In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
|
| CVE-2022-30014 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-30014)
vulnerability in csrf (CVE-2022-30014). Successful exploitation can lead to full system takeover.
|
| CVE-2022-25523 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-25523)
vulnerability in csrf (CVE-2022-25523). Successful exploitation can lead to full system takeover.
|
| CVE-2022-23349 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-23349)
vulnerability in csrf (CVE-2022-23349). Successful exploitation can lead to full system takeover.
|
| CVE-2020-18326 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-18326)
vulnerability in csrf (CVE-2020-18326). Successful exploitation can lead to full system takeover.
|
| CVE-2022-25146 |
|
Vulnerability in csrf (CVE-2022-25146)
vulnerability in csrf (CVE-2022-25146). Risk of unauthorized operations or information disclosure.
|
| CVE-2020-7534 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-7534)
vulnerability in csrf (CVE-2020-7534). Successful exploitation can lead to full system takeover.
|
| CVE-2020-21884 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-21884)
vulnerability in csrf (CVE-2020-21884). Successful exploitation can lead to full system takeover.
|
| CVE-2020-27574 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-27574)
vulnerability in csrf (CVE-2020-27574). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17990 |
|
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action.
|
| CVE-2017-17982 |
|
PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php.
PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php.
|
| CVE-2014-0120 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2014-0120)
vulnerability in csrf (CVE-2014-0120). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17960 |
|
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php.
|
| CVE-2017-17939 |
|
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php.
|
| CVE-2017-17936 |
|
Vanguard Marketplace Digital Products PHP has CSRF via /search.
Vanguard Marketplace Digital Products PHP has CSRF via /search.
|
| CVE-2017-17905 |
|
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.
PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php.
|
| CVE-2017-17903 |
|
FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel.
FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel.
|