Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (9189 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2022-0141 1 Vfbpro 1 Visual Form Builder 2024-11-21 8.1 High
The Visual Form Builder WordPress plugin before 3.0.8 does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks
CVE-2022-0134 1 Bologer 1 Anycomment 2024-11-21 8.8 High
The AnyComment WordPress plugin before 0.2.18 does not have CSRF checks in the Import and Revert HyperComments features, allowing attackers to make logged in admin perform such actions via a CSRF attack
CVE-2021-4168 1 Showdoc 1 Showdoc 2024-11-21 8.8 High
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4164 1 Janeczku 1 Calibre-web 2024-11-21 8.8 High
calibre-web is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4162 1 Archivy Project 1 Archivy 2024-11-21 4.3 Medium
archivy is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4131 1 Livehelperchat 1 Live Helper Chat 2024-11-21 8.8 High
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4130 1 Snipeitapp 1 Snipe-it 2024-11-21 8.8 High
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4123 1 Livehelperchat 1 Live Helper Chat 2024-11-21 6.5 Medium
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4092 1 Yetiforce 1 Yetiforce Customer Relationship Management 2024-11-21 4.3 Medium
yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4082 1 Pimcore 1 Pimcore 2024-11-21 4.3 Medium
pimcore is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4049 1 Livehelperchat 1 Live Helper Chat 2024-11-21 6.5 Medium
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4033 1 Kimai 1 Kimai 2 2024-11-21 6.5 Medium
kimai2 is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4030 1 Zyxel 4 Nbg6816, Nbg6816 Firmware, Nbg6817 and 1 more 2024-11-21 8 High
A cross-site request forgery vulnerability in the HTTP daemon of the Zyxel ARMOR Z1/Z2 firmware could allow an attacker to execute arbitrary commands if they coerce or trick a local user to visit a compromised website with malicious scripts.
CVE-2021-4017 1 Showdoc 1 Showdoc 2024-11-21 8.8 High
showdoc is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4015 1 Firefly-iii 1 Firefly Iii 2024-11-21 4.3 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-4005 1 Firefly-iii 1 Firefly Iii 2024-11-21 4.3 Medium
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-46426 1 Phpipam 1 Phpipam 2024-11-21 6.1 Medium
phpIPAM 1.4.4 allows Reflected XSS and CSRF via app/admin/subnets/find_free_section_subnets.php of the subnets functionality.
CVE-2021-46398 1 Filebrowser 1 Filebrowser 2024-11-21 8.8 High
A Cross-Site Request Forgery vulnerability exists in Filebrowser < 2.18.0 that allows attackers to create a backdoor user with admin privilege and get access to the filesystem via a malicious HTML webpage that is sent to the victim. An admin can run commands using the FileBrowser and hence it leads to RCE.
CVE-2021-46366 1 Magnolia-cms 1 Magnolia Cms 2024-11-21 8.8 High
An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials.
CVE-2021-46252 1 Scratch-wiki 1 Scratch Confirmaccount V3 2024-11-21 6.5 Medium
A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses.