Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token.
Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Zimbra. User interaction is required to exploit this vulnerability in that the target must open a malicious email message. The specific flaw exists within the implementation of the graphql endpoint. The issue results from the lack of proper protections against cross-site request forgery (CSRF) attacks. An attacker can leverage this vulnerability to disclose information in the context of the target email account. Was ZDI-CAN-23939.
An issue was discovered in the webmail component in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. When using preauth, CSRF tokens are not checked on some POST endpoints. Thus, when an authenticated user views an attacker-controlled page, the victim's browser sends a request to the application that the application treats as intentional. The CSRF token is omitted from the request, but the request still succeeds.
An issue was discovered in Joomla! before 3.9.16. Missing token checks in the image actions of com_templates lead to CSRF.
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request.
Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /application/controllers/Users.php.
Cross-site request forgery (CSRF) vulnerability in the web-based management interface on Cisco Small Business 220 devices with firmware before 1.0.1.1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuz76230.
An issue was discovered in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability.
In the Responsive Menu (free and Pro) WordPress plugins before 4.0.4, attackers could craft a request and trick an administrator into uploading a zip archive containing malicious PHP files. The attacker could then access those files to achieve remote code execution and further infect the targeted site.
Multiple modules of MailSherlock MSR35 and MSR45 are affected by a CSRF vulnerability. It allows an attacker to elevate the privileges of a specific account via useradmin/cf_new.cgi?chief=&wk_group=full&cf_name=test&cf_account=test&cf_email=&cf_acl=Management&apply_lang=&dn= without any authorization.
Cross-site request forgery (CSRF) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators.
Multiple modules of MailSherlock MSR35 and MSR45 are affected by a CSRF vulnerability. It allows an attacker to add malicious email sources to the whitelist via user/save_list.php?ACSION=&type=email&category=white&locate=big5&cmd=add&new=hacker@socialengineering.com&new_memo=&add=%E6%96%B0%E5%A2%9E without any authorization.
JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account.
There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter.
PilusCart 1.4.1 is vulnerable to index.php?module=users&action=newUser CSRF, leading to the addition of a new user as administrator.
An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=user&act=addnew URI, as demonstrated by adding a level=1 account, a similar issue to CVE-2018-18935.
Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH and CG-WLBARGNL devices allows remote attackers to hijack the authentication of administrators for requests that perform administrative functions.
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3.
sftnow through 2018-12-29 allows index.php?g=Admin&m=User&a=add_post CSRF to add an admin account.
PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions.
njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to add an administrator.
An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M800B-MSBR and 800C-MSBR devices with firmware versions before 7.20A.202.307. A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remote attackers to execute malicious and unauthorized actions, because CSRFProtection=1 is not a default and is not documented.
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17 and earlier allows remote attackers to hijack the authentication of arbitrary users.
IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 228357.
Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page.
In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF issue exists in the Business Analytics application.
The wp-customer-reviews plugin before 3.0.9 for WordPress has CSRF in the admin tools.
The fluid-responsive-slideshow plugin before 2.2.7 for WordPress has frs_save CSRF with resultant stored XSS.
There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the filetext parameter.
A cross-site request forgery (CSRF) vulnerability in Jenkins Autocomplete Parameter Plugin 1.1 and earlier allows attackers to execute arbitrary code without sandbox protection if the victim is an administrator.
Cross-site request forgery (CSRF) vulnerability in phpMyFAQ before 2.8.6 allows remote attackers to hijack the authentication of arbitrary users for requests that modify settings.
A cross-site request forgery (CSRF) vulnerability in Jenkins Storable Configs Plugin 1.0 and earlier allows attackers to have Jenkins parse a local XML file (e.g., archived artifacts) that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.
The administrator web interface of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO Silver Fabric Enabler for ActiveMatrix BPM, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid contains multiple vulnerabilities that may allow for cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO ActiveMatrix BPM: versions up to and including 4.2.0, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric: versions up to and including 4.2.0, TIBCO ActiveMatrix Policy Director: versions up to and including 1.1.0, TIBCO ActiveMatrix Service Bus: versions up to and including 3.3.0, TIBCO ActiveMatrix Service Grid: versions up to and including 3.3.1, TIBCO Silver Fabric Enabler for ActiveMatrix BPM: versions up to and including 1.4.1, and TIBCO Silver Fabric Enabler for ActiveMatrix Service Grid: versions up to and including 1.3.1.
BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI.
aimhubio/aim is vulnerable to Cross-Site Request Forgery (CSRF), allowing attackers to perform actions such as deleting runs, updating data, and stealing data like log records and notes without the user's consent. The vulnerability stems from the lack of CSRF and CORS protection in the aim dashboard. An attacker can exploit this by tricking a user into executing a malicious script that sends unauthorized requests to the aim server, leading to potential data loss and unauthorized data manipulation.
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332.
An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do.
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins.
Remote Code Execution (RCE) in Alexander Stokmann's Code Snippets Extended plugin <= 1.4.7 on WordPress via Cross-Site Request Forgery.
Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF), which allows anyone to take over an admin/moderator account.
Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into the /wp-content/uploads/ directory.
CSZ CMS 1.1.8 has CSRF via admin/users/new/add.
Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CSRF).
AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.
A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit.
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 on WordPress.
Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF).
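The entries above share one root cause: a state-changing endpoint that authenticates by session cookie alone, so a request the victim's browser is tricked into sending (the Zimbra preauth case where the token is simply omitted, the MailSherlock and DirectAdmin cases where an admin is created via a single URL) is indistinguishable from a deliberate one. The following added example, not code from any product listed on this page, shows a hypothetical "add admin" handler in its vulnerable form beside a hardened form that rejects non-POST methods, checks the request's Origin (falling back to Referer, failing closed when both are absent), and verifies a per-session synchronizer token in constant time. The app name, origin `https://app.example`, endpoint path and accounts are constructed for the demonstration.

```python
"""Constructed CSRF demonstration: unprotected vs. protected state-changing handler.

Hypothetical in-memory web app; no real product's code. Requests are plain
dataclasses so the handlers can be exercised without an HTTP server.
"""
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import urlsplit

SITE_ORIGIN = "https://app.example"  # assumed origin of the protected app


@dataclass
class Session:
    user: str
    # Synchronizer token: unguessable, bound to this session, rendered into forms.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    path: str
    headers: dict   # e.g. {"Origin": "..."} as the browser would send them
    form: dict      # parsed body or query parameters
    cookies: dict   # the browser attaches these regardless of which site made the request


SESSIONS: dict = {}   # cookie value -> Session
ADMINS: set = set()   # the state an attacker wants to change


def login(user: str) -> str:
    """Create a session and return the cookie value the browser would store."""
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = Session(user)
    return sid


def current_session(req: Request):
    return SESSIONS.get(req.cookies.get("sid"))


def add_admin_vulnerable(req: Request) -> int:
    """Authenticates by cookie only and accepts any method: forgeable with an <img> or auto-submitted form."""
    if current_session(req) is None:
        return 401
    ADMINS.add(req.form["account"])
    return 200


def request_origin(req: Request):
    """Origin header, or the origin part of Referer; None if neither is present."""
    origin = req.headers.get("Origin")
    if origin is None:
        referer = req.headers.get("Referer")
        if referer is None:
            return None
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin


def add_admin_protected(req: Request) -> int:
    """Same operation with method, origin and synchronizer-token checks, failing closed."""
    sess = current_session(req)
    if sess is None:
        return 401
    if req.method != "POST":          # state changes never ride on GET
        return 405
    if request_origin(req) != SITE_ORIGIN:   # exact match, so app.example.evil does not pass
        return 403
    token = req.form.get("csrf_token", "")
    if not hmac.compare_digest(token.encode(), sess.csrf_token.encode()):
        return 403                    # missing or wrong token, as in the preauth case above
    ADMINS.add(req.form["account"])
    return 200


def run_scenario() -> dict:
    """Replay forged and legitimate requests against both handlers; returns status codes and resulting admins."""
    ADMINS.clear()
    sid = login("alice")
    cookies = {"sid": sid}   # the victim is logged in; every request below carries the cookie
    # Auto-submitted cross-site form: cookie attached, attacker's Origin, no token.
    forged_post = Request("POST", "/admin/add", {"Origin": "https://attacker.example"},
                          {"account": "mallory"}, cookies)
    # <img src="https://app.example/admin/add?account=mallory">: GET, no Origin header at all.
    forged_get = Request("GET", "/admin/add", {}, {"account": "mallory"}, cookies)
    # Same-origin POST that forgot the token (e.g. an endpoint missed by the token check).
    no_token = Request("POST", "/admin/add", {"Origin": SITE_ORIGIN}, {"account": "eve"}, cookies)
    # Genuine submission from the app's own form.
    legit = Request("POST", "/admin/add", {"Origin": SITE_ORIGIN},
                    {"account": "bob", "csrf_token": SESSIONS[sid].csrf_token}, cookies)
    results = {
        "vulnerable_forged": add_admin_vulnerable(forged_post),
        "protected_forged": add_admin_protected(forged_post),
        "protected_forged_get": add_admin_protected(forged_get),
        "protected_no_token": add_admin_protected(no_token),
        "protected_legit": add_admin_protected(legit),
    }
    results["admins"] = sorted(ADMINS)
    return results


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v}")
```

The Origin check alone is not sufficient (it is absent on some requests and some proxies strip Referer), and the token check alone does not stop a GET-based state change from being triggered by an image tag; the hardened handler applies all three so that removing any one of them still leaves the forged requests rejected. A SameSite cookie attribute adds a further layer but does not replace the server-side token.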