Total
8268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-42604 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_group.php?mode=delete&group_id=3 | |||||
| CVE-2024-42608 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/submit_page.php. | |||||
| CVE-2024-42579 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42577 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42580 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42581 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42582 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42583 | 1 Siamonhasan | 1 Warehouse Inventory System | 2024-08-21 | N/A | 8.8 HIGH |
| A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. | |||||
| CVE-2024-42603 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearall | |||||
| CVE-2024-42605 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/edit_page.php?link_id=1 | |||||
| CVE-2024-42606 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_log.php?clear=1 | |||||
| CVE-2024-42607 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=database | |||||
| CVE-2024-42609 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=avatars | |||||
| CVE-2024-42610 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=files | |||||
| CVE-2024-42611 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/admin_page.php?link_id=1&mode=delete | |||||
| CVE-2024-42613 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=install&widget=akismet | |||||
| CVE-2024-42617 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_config.php?action=save&var_id=32 | |||||
| CVE-2024-42618 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /module.php?module=karma | |||||
| CVE-2024-42621 | 1 Pligg | 1 Pligg Cms | 2024-08-21 | N/A | 8.8 HIGH |
| Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_editor.php | |||||
| CVE-2024-7850 | 2024-08-20 | N/A | 6.1 MEDIUM | ||
| The BP Profile Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.7.5. This is due to missing or incorrect nonce validation on the bps_ajax_field_selector(), bps_ajax_template_options(), and bps_ajax_field_row() functions. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. | |||||