Total
7786 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-49382 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/delete. | |||||
| CVE-2023-49381 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/div/update. | |||||
| CVE-2023-49380 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/delete. | |||||
| CVE-2023-49379 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /admin/friend_link/save. | |||||
| CVE-2023-49378 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/form/save. | |||||
| CVE-2023-49377 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/update. | |||||
| CVE-2023-49376 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete. | |||||
| CVE-2023-49375 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update. | |||||
| CVE-2023-49374 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update. | |||||
| CVE-2023-49373 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete. | |||||
| CVE-2023-49372 | 1 Jfinalcms Project | 1 Jfinalcms | 2024-11-21 | N/A | 8.8 HIGH |
| JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save. | |||||
| CVE-2023-49197 | 1 Apasionados | 1 Dofollow Case By Case | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Apasionados, Apasionados del Marketing, NetConsulting DoFollow Case by Case.This issue affects DoFollow Case by Case: from n/a through 3.4.2. | |||||
| CVE-2023-49164 | 1 Oceanwp | 1 Ocean Extra | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in OceanWP Ocean Extra.This issue affects Ocean Extra: from n/a through 2.2.2. | |||||
| CVE-2023-49163 | 1 Mtrv | 1 Teachpress | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Michael Winkler teachPress.This issue affects teachPress: from n/a through 9.0.5. | |||||
| CVE-2023-49155 | 1 Wow-company | 1 Button Generator | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8. | |||||
| CVE-2023-49153 | 1 Codeastrology | 1 Add To Cart Text Changer And Customize Button\, Add Custom Icon | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Saiful Islam Add to Cart Text Changer and Customize Button, Add Custom Icon.This issue affects Add to Cart Text Changer and Customize Button, Add Custom Icon: from n/a through 2.0. | |||||
| CVE-2023-49148 | 1 Affiliatebooster | 1 Affiliate Booster | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Kulwant Nagi Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates.This issue affects Affiliate Booster – Pros & Cons, Notice, and CTA Blocks for Affiliates: from n/a through 3.0.5. | |||||
| CVE-2023-49076 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 4.3 MEDIUM |
| Customer-data-framework allows management of customer data within Pimcore. There are no tokens or headers to prevent CSRF attacks from occurring, therefore an attacker could abuse this vulnerability to create new customers. This issue has been patched in version 4.0.5. | |||||
| CVE-2023-49006 | 1 Phpsysinfo | 1 Phpsysinfo | 2024-11-21 | N/A | 6.5 MEDIUM |
| Cross Site Request Forgery (CSRF) vulnerability in Phpsysinfo version 3.4.3 allows a remote attacker to obtain sensitive information via a crafted page in the XML.php file. | |||||
| CVE-2023-48914 | 1 Iteachyou | 1 Dreamer Cms | 2024-11-21 | N/A | 8.8 HIGH |
| Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/add. | |||||