Total
6075 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-3258 | 1 Bufferapp | 1 Digg Digg | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in he Digg Digg plugin before 5.3.5 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors. | |||||
| CVE-2013-3257 | 1 Zemanta | 1 Related Posts | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Related Posts plugin before 2.7.2 for WordPress allows remote attackers to hijack the authentication of users for requests that modify settings via unspecified vectors. | |||||
| CVE-2013-3256 | 2 Shareaholic, Wordpress | 2 Sexybookmarks, Wordpress | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Shareaholic SexyBookmarks plugin 6.1.4.0 for WordPress allows remote attackers to hijack the authentication of users for requests that "manipulate plugin settings." | |||||
| CVE-2013-3253 | 2 Wordpress, Xhanch | 2 Wordpress, My Twitter | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in admin/setting.php in the Xhanch - My Twitter plugin before 2.7.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change unspecified settings. | |||||
| CVE-2013-3252 | 1 Lesterchan | 1 Wp-postviews | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the options admin page in the WP-PostViews plugin before 1.63 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | |||||
| CVE-2013-3251 | 1 Qianqin | 1 Qtranslate | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the qTranslate plugin 2.5.34 and earlier for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. | |||||
| CVE-2013-3250 | 1 Wordpress | 1 Wp Maintenance Mode Plugin | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the WP Maintenance Mode plugin before 1.8.8 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings. | |||||
| CVE-2013-3098 | 1 Trendnet | 2 Tew-812dru, Tew-812dru Firmware | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in TRENDnet TEW-812DRU router with firmware before 1.0.9.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change admin credentials in a request to setSysAdm.cgi, (2) enable remote management or (3) enable port forwarding in an Apply action to uapply.cgi, or (4) have unspecified impact via a request to setNTP.cgi. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2013-3095 | 1 Dlink | 2 Dir865l, Dir865l Firmware | 2024-11-21 | 6.8 MEDIUM | N/A |
| Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR865L router (Rev. A1) with firmware before 1.05b07 allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrator password or (2) enable remote management via a request to hedwig.cgi or (3) activate configuration changes via a request to pigwidgeon.cgi. | |||||
| CVE-2013-3093 | 1 Asus | 14 Dsl-n55u, Dsl-n55u Firmware, Rt-ac66u and 11 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
| ASUS RT-N56U devices allow CSRF. | |||||
| CVE-2013-3089 | 1 Belkin | 2 N300, N300 Firmware | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin N300 (F7D7301v1) router allows remote attackers to hijack the authentication of administrators for requests that modify configuration. | |||||
| CVE-2013-3086 | 1 Belkin | 2 N900, N900 Firmware | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in util_system.html in Belkin N900 router allows remote attackers to hijack the authentication of administrators for requests that change configuration settings including passwords and remote management ports. | |||||
| CVE-2013-3083 | 1 Belkin | 1 F5d8236-4 V2 | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in cgi-bin/system_setting.exe in Belkin F5D8236-4 v2 allows remote attackers to hijack the authentication of administrators for requests that open the remote management interface on arbitrary ports via the remote_mgmt_enabled and remote_mgmt_port parameters. | |||||
| CVE-2013-3068 | 1 Cisco | 2 Linksys Wrt310n Router Firmware, Linksys Wrt350n | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksys WRT310Nv2 2.0.0.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords and modify remote management ports. | |||||
| CVE-2013-3029 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.7, and 8.5 before 8.5.5.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences. | |||||
| CVE-2013-2980 | 1 Ibm | 1 Data Studio | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to hijack the authentication of arbitrary users for requests that access monitored database information. | |||||
| CVE-2013-2778 | 1 Chatelao | 1 Php Address Book | 2024-11-21 | 7.5 HIGH | N/A |
| Cross-site request forgery (CSRF) vulnerability in addressbook/register/delete_user.php in PHP Address Book 8.2.5 allows remote attackers to hijack the authentication of administrators for requests that delete accounts, a different vulnerability than CVE-2013-0135.1. | |||||
| CVE-2013-2762 | 1 Schneider-electric | 1 Magelis Xbt Hmi | 2024-11-21 | 10.0 HIGH | N/A |
| The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions via crafted configuration data. | |||||
| CVE-2013-2754 | 1 Umi-cms | 1 Umi.cms | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/. | |||||
| CVE-2013-2752 | 1 Netgear | 1 Raidiator | 2024-11-21 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users. | |||||