Export limit exceeded: 347381 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (9142 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-0207 | 2 Drupal, Leighton Whiting | 2 Drupal, Mark Complete | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Mark Complete module 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2013-0214 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.21, 3.6.x before 3.6.12, and 4.x before 4.0.2 allows remote attackers to hijack the authentication of arbitrary users by leveraging knowledge of a password and composing requests that perform SWAT actions. | ||||
| CVE-2013-0320 | 2 Drupal, Mattias Hutterer | 2 Drupal, Taxonomy Manager | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Taxonomy Manager (taxonomy_manager) module 6.x-2.x before 6.x-2.2 and 7.x-1.x before 7.x-1.0-rc1 for Drupal allows remote attackers to hijack the authentication of users with 'administer taxonomy' permissions via unspecified vectors. | ||||
| CVE-2013-0327 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors. | ||||
| CVE-2013-0328 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2013-0329 | 2 Jenkins, Redhat | 2 Jenkins, Openshift | 2025-04-11 | N/A |
| Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors. | ||||
| CVE-2013-1088 | 1 Novell | 1 Imanager | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container. | ||||
| CVE-2013-1120 | 1 Cisco | 2 Unity Express, Unity Express Software | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software before 8.0 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910. | ||||
| CVE-2013-1128 | 1 Cisco | 1 Unified Meetingplace | 2025-04-11 | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace before 7.1(2.2000) allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2013-1153 | 1 Cisco | 1 Prime Infrastructure | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the web interface in Cisco Prime Infrastructure allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCue84676. | ||||
| CVE-2013-1468 | 1 Piwigo | 1 Piwigo | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors. | ||||
| CVE-2013-1692 | 2 Mozilla, Redhat | 5 Firefox, Thunderbird, Thunderbird Esr and 2 more | 2025-04-11 | N/A |
| Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not prevent the inclusion of body data in an XMLHttpRequest HEAD request, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a crafted web site. | ||||
| CVE-2013-1734 | 1 Mozilla | 1 Bugzilla | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.0.x before 4.0.11; 4.1.x and 4.2.x before 4.2.7; and 4.3.x and 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that commit an attachment change via an update action. | ||||
| CVE-2013-2305 | 1 Cybozu | 3 Cybozu Dezie, Cybozu Office, Mailwise | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords. | ||||
| CVE-2013-2701 | 1 Linksalpha | 1 Social Sharing Toolkit Plugin | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors. | ||||
| CVE-2013-2702 | 2 Thulasidas, Wordpress | 2 Easy-adsense-lite, Wordpress | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Easy AdSense Lite plugin before 6.10 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings. | ||||
| CVE-2013-2703 | 2 Crunchify, Wordpress | 2 Facebook Members, Wordpress | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Facebook Members plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify this plugin's settings. | ||||
| CVE-2013-2704 | 2 Metin Saylan, Wordpress | 2 Dropdown Menu Widget, Wordpress | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences. | ||||
| CVE-2013-2709 | 2 Crunchify, Wordpress | 2 Foursquare-checkins, Wordpress | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the FourSquare Checkins plugin before 1.3 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | ||||
| CVE-2013-2752 | 1 Netgear | 1 Raidiator | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users. | ||||