CWE-352: Cross-Site Request Forgery (CSRF)
8,648 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE.
CVEs classified under CWE-352 (page 43 of 173)
- CVE-2019-9040 | HIGH | CVSS 8.8 | EG 8.8 | 2019-02-23
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332.
- CVE-2019-9048 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-02-23
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete a theme (aka topic) via a /admin.php?action=theme_delete&var1= URI.
- CVE-2019-9049 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-02-23
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=module_delete&var1= URI.
- CVE-2019-9051 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-02-23
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete articles via a /admin.php?action=deletepage&var1= URI.
- CVE-2019-9052 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-02-23
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI.
- CVE-2019-9062 | HIGH | CVSS 8.0 | EG 8.0 | 2019-02-23
PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php.
- CVE-2019-9102 | HIGH | CVSS 8.8 | EG 8.8 | 2020-03-11
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attacker…
- CVE-2019-9176 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-04-17
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It allows CSRF.
- CVE-2019-9182 | HIGH | CVSS 8.8 | EG 8.8 | 2019-02-26
There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the filetext parameter.
- CVE-2019-9231 | HIGH | CVSS 8.8 | EG 8.8 | 2019-07-18
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions before 7.20A.202.307. A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remot…
- CVE-2019-9549 | HIGH | CVSS 8.8 | EG 8.8 | 2019-03-03
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=user&act=addnew URI, as demonstrated by adding a level=1 account, a similar issue to CVE-2018-18935.
- CVE-2019-9596 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-10-23
Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whitelisteddomains endpoint.
- CVE-2019-9597 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-10-23
Darktrace Enterprise Immune System before 3.1 allows CSRF via the /config endpoint.
- CVE-2019-9598 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-03-07
An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF vulnerability that can change the payment account to redirect funds.
- CVE-2019-9603 | MEDIUM | CVSS 6.5 | EG 6.5 | 2019-03-06
MiniCMS 1.10 allows mc-admin/post.php?state=publish&delete= CSRF to delete articles, a different vulnerability than CVE-2018-18891.
- CVE-2019-9604 | HIGH | CVSS 8.8 | EG 8.8 | 2019-03-29
PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions.
- CVE-2019-9625 | HIGH | CVSS 8.8 | EG 8.8 | 2019-03-07
JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account.
- CVE-2019-9652 | HIGH | CVSS 8.8 | EG 8.8 | 2019-03-11
There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter.
- CVE-2019-9688 | HIGH | CVSS 8.8 | EG 8.8 | 2019-03-11
sftnow through 2018-12-29 allows index.php?g=Admin&m=User&a=add_post CSRF to add an admin account.
- CVE-2019-9769 | HIGH | CVSS 8.8 | EG 8.8 | 2019-03-14
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator.
- CVE-2019-9787 | HIGH | CVSS 8.8 | EG 8.8 | 2019-03-14
WordPress before 5.1.1 does not properly filter comment content, leading to Remote Code Execution by unauthenticated users in a default configuration. This occurs because CSRF protection is mishandled, and because Search Engine Optimizatio…
- CVE-2019-9882 | HIGH | CVSS 8.8 | EG 8.8 | 2019-06-03
Multiple modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. It allows an attacker to add malicious email sources into the whitelist via user/save_list.php?ACSION=&type=email&category=white&locate=big5&cmd=add&new=hacker@socialengi…
- CVE-2019-9883 | HIGH | CVSS 8.8 | EG 8.8 | 2019-06-03
Multiple modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerability. It allows an attacker to elevate the privilege of a specific account via useradmin/cf_new.cgi?chief=&wk_group=full&cf_name=test&cf_account=test&cf_email=&cf_acl=Management&…
- CVE-2019-9926 | HIGH | CVSS 8.8 | EG 8.8 | 2019-10-29
An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability.
- CVE-2019-9958 | HIGH | CVSS 8.8 | EG 8.8 | 2019-06-24
CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin…
- CVE-2020-10057 | HIGH | CVSS 8.8 | EG 8.8 | 2020-03-04
GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that …
- CVE-2020-10095 | HIGH | CVSS 8.1 | EG 8.1 | 2025-02-19
Various Lexmark devices have CSRF that allows an attacker to modify the configuration of the device.
- CVE-2020-10181 | CRITICAL | CVSS 9.8 | EG 9.8 | ⚠ KEV | 2020-03-11
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request.
- CVE-2020-10229 | HIGH | CVSS 8.8 | EG 8.8 | 2020-09-14
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts.
- CVE-2020-10241 | HIGH | CVSS 8.8 | EG 8.8 | 2020-03-16
An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF.
- CVE-2020-10478 | HIGH | CVSS 8.8 | EG 8.8 | 2020-03-12
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.
- CVE-2020-10479 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request.
- CVE-2020-10480 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request.
- CVE-2020-10481 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request.
- CVE-2020-10482 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request.
- CVE-2020-10483 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request.
- CVE-2020-10484 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request.
- CVE-2020-10485 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request.
- CVE-2020-10486 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request.
- CVE-2020-10487 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request.
- CVE-2020-10488 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request.
- CVE-2020-10489 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request.
- CVE-2020-10490 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request.
- CVE-2020-10491 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request.
- CVE-2020-10492 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request.
- CVE-2020-10493 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request.
- CVE-2020-10494 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request.
- CVE-2020-10495 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request.
- CVE-2020-10496 | MEDIUM | CVSS 4.3 | EG 4.3 | 2020-03-12
CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request.
- CVE-2020-10497 | MEDIUM | CVSS 6.5 | EG 6.5 | 2020-03-12
CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request.
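Nearly every entry on this page records the same missing check: a state-changing admin endpoint whose only gate is the victim's session cookie, which the browser attaches to any request an attacker's page triggers. The block below is an added example, not code from any product listed here (those are PHP applications and appliance firmware; Python is used so it runs stand-alone). It shows the Pluck-style admin.php?action=theme_delete&var1= pattern beside a hardened handler: state changes on POST only, an Origin check as defence in depth, and a per-session token drawn from the OS CSPRNG and compared in constant time, which rules out the predictable-token failure recorded for CVE-2019-9102 and the token-present-but-unbound failure behind CVE-2020-10057. The site origin https://cms.example, the attacker origin and all requests are constructed for the example.

```python
"""Added example: a forgeable admin action beside a CSRF-hardened one.
Not code from any product on this page; every name and origin is constructed."""
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple

SITE_ORIGIN = "https://cms.example"  # assumed origin of the application (constructed)


@dataclass
class Session:
    """Server-side session. The CSRF token is generated per session from the OS
    CSPRNG, so it is unpredictable and only meaningful for the session it belongs to."""
    user: str
    is_admin: bool
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    params: Dict[str, str]
    session: Optional[Session]                      # resolved from the session cookie
    headers: Dict[str, str] = field(default_factory=dict)


def vulnerable_theme_delete(req: Request, themes: Set[str]) -> Tuple[int, str]:
    """The pattern of the Pluck/MiniCMS/PHPKB entries: being logged in is the only
    check, so any page the victim visits can trigger the deletion."""
    if req.session is None or not req.session.is_admin:
        return 403, "forbidden"
    themes.discard(req.params.get("var1", ""))
    return 200, "deleted"


def hardened_theme_delete(req: Request, themes: Set[str]) -> Tuple[int, str]:
    if req.session is None or not req.session.is_admin:
        return 403, "forbidden"
    # 1. State changes only on POST. A GET endpoint is forgeable with <img src=...>.
    if req.method != "POST":
        return 405, "method not allowed"
    # 2. Defence in depth: browsers attach Origin to cross-site POSTs. Reject a
    #    foreign Origin; an absent header falls through to the token check.
    origin = req.headers.get("Origin")
    if origin is not None and origin != SITE_ORIGIN:
        return 403, "cross-site origin"
    # 3. The real control: the token issued to *this* session, compared in constant
    #    time. A token that is merely present, or belongs to another session, fails.
    submitted = req.params.get("csrf_token", "")
    if not hmac.compare_digest(submitted.encode(), req.session.csrf_token.encode()):
        return 403, "bad csrf token"
    themes.discard(req.params.get("var1", ""))
    return 200, "deleted"


def forged_requests(victim: Session) -> Tuple[Request, Request]:
    """What an attacker's page can make the victim's browser send (constructed): an
    <img src="/admin.php?action=theme_delete&var1=default"> load, and an
    auto-submitting cross-site form. Both ride the victim's session cookie; neither
    can read the victim's token, so neither can supply it."""
    img_get = Request("GET", {"action": "theme_delete", "var1": "default"}, victim)
    form_post = Request("POST", {"action": "theme_delete", "var1": "default"}, victim,
                        headers={"Origin": "https://attacker.example"})
    return img_get, form_post


def legitimate_request(admin: Session) -> Request:
    """The application's own admin form: the token was rendered into a page served
    to this session, so only a same-origin page can echo it back."""
    return Request("POST", {"action": "theme_delete", "var1": "default",
                            "csrf_token": admin.csrf_token}, admin,
                   headers={"Origin": SITE_ORIGIN})


def demo() -> Dict[str, Tuple[int, str]]:
    admin = Session(user="admin", is_admin=True)
    img_get, form_post = forged_requests(admin)
    results = {
        "vuln_img_get": vulnerable_theme_delete(img_get, {"default", "blue"}),
        "hard_img_get": hardened_theme_delete(img_get, {"default", "blue"}),
        "hard_form_post": hardened_theme_delete(form_post, {"default", "blue"}),
        "hard_legit": hardened_theme_delete(legitimate_request(admin), {"default", "blue"}),
    }
    # A valid token from a different session must not work for this one.
    other = Session(user="other", is_admin=True)
    cross = legitimate_request(other)
    cross.session = admin
    results["hard_other_session_token"] = hardened_theme_delete(cross, {"default", "blue"})
    return results


if __name__ == "__main__":
    for name, (status, msg) in demo().items():
        print(f"{name:26s} {status} {msg}")
```

The Origin check is deliberately secondary: the token is what ties the request to a page the application itself served, and it is the control whose absence or weakness every CVE above describes. Setting the session cookie with SameSite=Lax or Strict adds a third, browser-enforced layer, but older clients and some embedded-device UIs do not honour it, so it does not replace the token.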