Total
8410 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-4268 | 1 Phpredisadmin Project | 1 Phpredisadmin | 2024-11-21 | N/A | 4.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in phpRedisAdmin up to 1.17.3. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version 1.18.0 is able to address this issue. The name of the patch is b9039adbb264c81333328faa9575ecf8e0d2be94. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-216471. | |||||
| CVE-2021-4168 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4164 | 1 Janeczku | 1 Calibre-web | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| calibre-web is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4162 | 1 Archivy Project | 1 Archivy | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| archivy is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4131 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4130 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4123 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4096 | 1 Radykal | 1 Fancy Product Designer | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The Fancy Product Designer plugin for WordPress is vulnerable to Cross-Site Request Forgery via the FPD_Admin_Import class that makes it possible for attackers to upload malicious files that could be used to gain webshell access to a server in versions up to, and including, 4.7.5. | |||||
| CVE-2021-4092 | 1 Yetiforce | 1 Yetiforce Customer Relationship Management | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4082 | 1 Pimcore | 1 Pimcore | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| pimcore is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4049 | 1 Livehelperchat | 1 Live Helper Chat | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4033 | 1 Kimai | 1 Kimai 2 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4030 | 1 Zyxel | 4 Nbg6816, Nbg6816 Firmware, Nbg6817 and 1 more | 2024-11-21 | 6.8 MEDIUM | 8.0 HIGH |
| A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts. | |||||
| CVE-2021-4017 | 1 Showdoc | 1 Showdoc | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| showdoc is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4015 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-4005 | 1 Firefly-iii | 1 Firefly Iii | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | |||||
| CVE-2021-46426 | 1 Phpipam | 1 Phpipam | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality. | |||||
| CVE-2021-46398 | 1 Filebrowser | 1 Filebrowser | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads to RCE. | |||||
| CVE-2021-46366 | 1 Magnolia-cms | 1 Magnolia Cms | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials. | |||||
| CVE-2021-46252 | 1 Scratch-wiki | 1 Scratch Confirmaccount V3 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses. | |||||