Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by CWE-352
Total 7410 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-18889 1 Puppycms 1 Puppycms 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Cross Site Request Forgery (CSRF) vulnerability in puppyCMS v5.1 that can change the admin's password via /admin/settings.php.
CVE-2020-18694 1 Ignitedcms 1 Ignitedcms 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile".
CVE-2020-18648 1 Juqingcms 1 Juqingcms 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) in JuQingCMS v1.0 allows remote attackers to gain local privileges via the component "JuQingCMS_v1.0/admin/index.php?c=administrator&a=add".
CVE-2020-18464 1 Aikcms 1 Aikcms 2024-11-21 3.5 LOW 3.5 LOW
Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let a malicious user delete movie information.
CVE-2020-18463 1 Aikcms 1 Aikcms 2024-11-21 3.5 LOW 2.4 LOW
Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let a malicious user delete a video message.
CVE-2020-18460 1 711cms 1 711cms 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) vulnerability exists in 711cms v1.0.7 that can add an admin account via admin.php?c=Admin&m=content.
CVE-2020-18458 1 Damicms 1 Damicms 2024-11-21 6.0 MEDIUM 8.0 HIGH
Cross Site Request Forgery (CSRF) vulnerability exists in DamiCMS v6.0.6 that can add an admin account via admin.php?s=/Admin/doadd.
CVE-2020-18457 1 Bycms Project 1 Bycms 2024-11-21 6.0 MEDIUM 6.8 MEDIUM
Cross Site Request Forgery (CSRF) vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html.
CVE-2020-18454 1 Bycms Project 1 Bycms 2024-11-21 6.0 MEDIUM 6.8 MEDIUM
Cross Site Request Forgery (CSRF) vulnerability in bycms v1.3 via admin.php/systems/index/module_id/70/group_id/1.html.
CVE-2020-18418 1 Feifeicms 1 Feifeicms 2024-11-21 N/A 8.8 HIGH
A Cross site request forgery (CSRF) vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert.
CVE-2020-18416 1 Jyuu 1 Jymusic 2024-11-21 N/A 6.8 MEDIUM
An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information.
CVE-2020-18409 1 Catfishcms Project 1 Catfishcms 2024-11-21 N/A 6.8 MEDIUM
Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via /index.php/admin/index/modifymanage.html.
CVE-2020-18326 1 Intelliants 1 Subrion Cms 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
CVE-2020-18265 1 Simple-log Project 1 Simple-log 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_add_member".
CVE-2020-18264 1 Simple-log Project 1 Simple-log 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=act_edit_member".
CVE-2020-18198 1 Pluck-cms 1 Pluck 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete specific images via the component " /admin.php?action=images."
CVE-2020-18195 1 Pluck-cms 1 Pluck 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete a specific article via the component " /admin.php?action=page."
CVE-2020-18157 1 Metinfo 1 Metinfo 2024-11-21 6.8 MEDIUM 8.8 HIGH
Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php.
CVE-2020-18151 1 Thinkcmf 1 Thinkcmf 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account.
CVE-2020-18129 1 Eyoucms 1 Eyoucms 2024-11-21 6.8 MEDIUM 8.8 HIGH
A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an admin account via login.php.