Total
7170 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18080 | 1 Atlassian | 1 Bamboo | 2024-11-21 | N/A |
| The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross-site request forgery (CSRF) vulnerability. | ||||
| CVE-2017-18042 | 1 Atlassian | 1 Bamboo | 2024-11-21 | N/A |
| The update user administration resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify user data including passwords via a Cross-site request forgery (CSRF) vulnerability. | ||||
| CVE-2017-18033 | 1 Atlassian | 1 Jira | 2024-11-21 | N/A |
| The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities. | ||||
| CVE-2017-17990 | 1 Iwcnetwork | 1 Biometric Shift Employee Management System | 2024-11-21 | N/A |
| Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. | ||||
| CVE-2017-17982 | 1 Muslim Matrimonial Script Project | 1 Muslim Matrimonial Script | 2024-11-21 | N/A |
| PHP Scripts Mall Muslim Matrimonial Script has CSRF via admin/subadmin_edit.php. | ||||
| CVE-2017-17960 | 1 Php Multivendor Ecommerce Project | 1 Php Multivendor Ecommerce | 2024-11-21 | N/A |
| PHP Scripts Mall PHP Multivendor Ecommerce has CSRF via admin/sellerupd.php. | ||||
| CVE-2017-17939 | 1 Single Theater Booking Script Project | 1 Single Theater Booking Script | 2024-11-21 | N/A |
| PHP Scripts Mall Single Theater Booking has CSRF via admin/sitesettings.php. | ||||
| CVE-2017-17936 | 1 Vanguard Project | 1 Marketplace Digital Products Php | 2024-11-21 | N/A |
| Vanguard Marketplace Digital Products PHP has CSRF via /search. | ||||
| CVE-2017-17930 | 1 Ordermanagementscript | 1 Professional Service Script | 2024-11-21 | N/A |
| PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in the user panel. | ||||
| CVE-2017-17908 | 1 Responsive Realestate Script Project | 1 Responsive Realestate Script | 2024-11-21 | N/A |
| PHP Scripts Mall Responsive Realestate Script has CSRF via admin/general. | ||||
| CVE-2017-17905 | 1 Car Rental Script Project | 1 Car Rental Script | 2024-11-21 | N/A |
| PHP Scripts Mall Car Rental Script has CSRF via admin/sitesettings.php. | ||||
| CVE-2017-17903 | 1 Fortunescripts | 1 Lynda Clone | 2024-11-21 | N/A |
| FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel. | ||||
| CVE-2017-17894 | 1 Basic Job Site Script Project | 1 Basic Job Site Script | 2024-11-21 | N/A |
| Readymade Job Site Script has CSRF via the /job URI. | ||||
| CVE-2017-17891 | 1 Readymade Video Sharing Script Project | 1 Readymade Video Sharing Script | 2024-11-21 | N/A |
| Readymade Video Sharing Script has CSRF via user-profile-edit.php. | ||||
| CVE-2017-17835 | 1 Apache | 1 Airflow | 2024-11-21 | N/A |
| In Apache Airflow 1.8.2 and earlier, a CSRF vulnerability allowed for a remote command injection on a default install of Airflow. | ||||
| CVE-2017-17830 | 1 Doditsolutions | 1 Bus Booking Script | 2024-11-21 | N/A |
| Bus Booking Script has CSRF via admin/new_master.php. | ||||
| CVE-2017-17827 | 1 Piwigo | 1 Piwigo | 2024-11-21 | N/A |
| Piwigo 2.9.2 is vulnerable to Cross-Site Request Forgery via /admin.php?page=configuration§ion=main or /admin.php?page=batch_manager&mode=unit. An attacker can exploit this to coerce an admin user into performing unintended actions. | ||||
| CVE-2017-17774 | 1 Piwigo | 1 Piwigo | 2024-11-21 | N/A |
| admin/configuration.php in Piwigo 2.9.2 has CSRF. | ||||
| CVE-2017-17552 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-21 | N/A |
| /LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as trusted. | ||||
| CVE-2017-17550 | 1 Zyxel | 2 Zywall Usg 100, Zywall Usg 100 Firmware | 2024-11-21 | N/A |
| ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. This account's access could, for example, subsequently be used for stored XSS. | ||||