Search Vulnerabilities

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/delete

CVE-2026-8410

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete

CVE-2026-8411

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete

CVE-2026-8412

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache

CVE-2026-8413

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design

CVE-2026-8414

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate

CVE-2026-8415

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorder

CVE-2026-8416

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFolder($id)

CVE-2026-8427

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id)

CVE-2026-8432

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star()

CVE-2026-8433

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan()

CVE-2026-8434

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple()

CVE-2026-8435

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file approveVersion()

CVE-2026-1697

Use of unsecure cookies for GraphicalData web service and WebClient web app

Feb 26, 2026

CVE-2025-52628

HCL AION is susceptible to Missing SameSite vulnerability

Feb 3, 2026

CVE-2023-53957

CRITICAL

Kimai 1.30.10 SameSite Cookie Vulnerability Session Hijacking

Dec 19, 2025

CVE-2025-36134

LOW

IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure

Nov 25, 2025

CVE-2024-42212

HCL BigFix Compliance is affected by an improper or missing SameSite attribute

May 5, 2025

CVE-2024-30155

HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability

Mar 26, 2025

CVE-2025-24387

Missing CSRF protection

Mar 10, 2025

Showing 1 - 20 of 1,000+ results

...

Searching...

Filters

1,000+ results

CVE-2026-8409

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/delete

CVE-2026-8410

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/logs/bulk/delete

CVE-2026-8411

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/delete

CVE-2026-8412

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/cache

CVE-2026-8413

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/page/bulk/design

CVE-2026-8414

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate

CVE-2026-8415

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/express/association/reorder

CVE-2026-8416

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file addFavoriteFolder($id)

CVE-2026-8427

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file removeFavoriteFolder($id)

CVE-2026-8432

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file star()

CVE-2026-8433

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescan()

CVE-2026-8434

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file rescanMultiple()

CVE-2026-8435

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/backend/file approveVersion()

CVE-2026-1697

Use of unsecure cookies for GraphicalData web service and WebClient web app

Feb 26, 2026

CVE-2025-52628

HCL AION is susceptible to Missing SameSite vulnerability

Feb 3, 2026

CVE-2023-53957

CRITICAL

Kimai 1.30.10 SameSite Cookie Vulnerability Session Hijacking

Dec 19, 2025

CVE-2025-36134

LOW

IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure

Nov 25, 2025

CVE-2024-42212

HCL BigFix Compliance is affected by an improper or missing SameSite attribute

May 5, 2025

CVE-2024-30155

HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability

Mar 26, 2025

CVE-2025-24387