Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
3 HIGH17 MEDIUM
CVE-2018-25174
MEDIUM CVSS 6.9
Find Similar
ABC ERP 0.6.4 contains a cross-site request forgery vulnerability that allows attackers to modify administrator credentials by submitting forged requests to _configurar_perfil.php. Attackers can craft
NVD RRF 0.016
CVE-2021-47800
MEDIUM CVSS 6.9
Find Similar
b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication. Attackers can craft a malicious HTML form to submit
NVD RRF 0.016
CVE-2016-20051
MEDIUM CVSS 6.9
Find Similar
Snews CMS 1.7 contains a cross-site request forgery vulnerability that allows attackers to change administrator credentials without authentication by crafting malicious HTML forms. Attackers can trick
snewscms
NVD RRF 0.016
CVE-2013-20005
MEDIUM CVSS 6.9
Find Similar
Qool CMS 2.0 RC2 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious web pages. Attackers ca
NVD RRF 0.016
CVE-2020-37145
MEDIUM CVSS 5.1
Find Similar
HRSALE 1.1.8 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized administrative users through the employee registration form. Attackers can craft a malicious
NVD RRF 0.015
CVE-2018-25177
MEDIUM CVSS 6.9
Find Similar
Data Center Audit 2.6.2 contains a cross-site request forgery vulnerability that allows attackers to reset administrator passwords without authentication by submitting crafted POST requests. Attackers
NVD RRF 0.015
CVE-2019-25247
MEDIUM CVSS 5.1
Find Similar
Beward N100 H.264 VGA IP Camera M2.1.6 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craf
NVD RRF 0.015
CVE-2020-37106
MEDIUM CVSS 5.1
Find Similar
Business Live Chat Software 1.0 contains a cross-site request forgery vulnerability that allows attackers to change user account roles without authentication. Attackers can craft a malicious HTML form
NVD RRF 0.015
CVE-2018-25186
MEDIUM CVSS 6.9
Find Similar
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. Attackers can c
tina4
NVD RRF 0.014
CVE-2025-26925
MEDIUM CVSS 4.3
Find Similar
Cross-Site Request Forgery (CSRF) vulnerability in Required Admin Menu Manager allows Cross Site Request Forgery.This issue affects Admin Menu Manager: from n/a through 1.0.3.
NVD RRF 0.014
CVE-2020-37046
MEDIUM CVSS 5.1
Find Similar
Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attacker
NVD RRF 0.014
CVE-2018-25152
MEDIUM CVSS 5.1
Find Similar
Ecessa Edge EV150 10.7.4 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without authentication. Attackers can craft a malicious web pa
NVD RRF 0.014
CVE-2024-56116
HIGH CVSS 8.8
Find Similar
A Cross-Site Request Forgery vulnerability in Amiro.CMS before 7.8.4 allows remote attackers to create an administrator account.
amiro
NVD RRF 0.014
CVE-2024-41344
HIGH CVSS 7.5
Find Similar
A Cross-Site Request Forgery (CSRF) in Codeigniter 3.1.13 allows attackers to arbitrarily change the Administrator password and escalate privileges.
codeigniter
NVD RRF 0.014
CVE-2019-25682
MEDIUM CVSS 5.3
Find Similar
CMSsite 1.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious HTML forms. Attackers can trick authenticated
victoralagwu
NVD RRF 0.013
CVE-2018-25397
MEDIUM CVSS 6.9
Find Similar
PHP-SHOP 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to add administrative users by crafting malicious HTML forms. Attackers can trick authenticated a
NVD RRF 0.013
CVE-2016-20054
MEDIUM CVSS 5.3
Find Similar
Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administr
nodcms
NVD RRF 0.013
CVE-2020-37144
MEDIUM CVSS 5.1
Find Similar
Exagate SYSGuard 6001 contains a cross-site request forgery vulnerability that allows attackers to create unauthorized admin accounts through a crafted HTML form. Attackers can trick users into submit
NVD RRF 0.013
CVE-2018-25168
MEDIUM CVSS 5.3
Find Similar
Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. Attac
NVD RRF 0.013
CVE-2025-35030
HIGH CVSS 8.6
Find Similar
Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and p
mieweb
NVD RRF 0.013
Page 1+ Next →