Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-28731 MEDIUM

DLink DWR-2000M Firmware 1.34ME - Cross-Site Request Forgery via Port Forwarding Option

CVE-2024-11125 MEDIUM

GetSimpleCMS 3.3.16 - Cross-Site Request Forgery in Profile Management

CVE-2024-51489 MEDIUM

Ampache - Cross-Site Request Forgery via Message Sending

CVE-2024-51488 MEDIUM

Ampache - Cross-Site Request Forgery via Message Deletion

CVE-2024-51487 HIGH

Ampache - Cross-Site Request Forgery in Catalog Activation/Deactivation

CVE-2024-51485 HIGH

Ampache - Cross-Site Request Forgery in Plugin Activation/Deactivation

CVE-2024-51484 HIGH

Ampache - Cross-Site Request Forgery in Controller Activation/Deactivation

CVE-2024-51647 HIGH

Chaser324 Featured Posts Scroll - CSRF

CVE-2024-51630 HIGH

Lars Schenk Responsive Flickr Gallery <2.3.1 - CSRF/XSS

CVE-2024-52002 HIGH

Combodo iTop < 3.2.0 - Cross-Site Request Forgery

CVE-2024-51157 MEDIUM

07flycms V1.3.9 - Cross-Site Request Forgery via OaSchedule Add Endpoint

CVE-2024-50966 CRITICAL

dingfanzu CMS V1.0 - Cross-Site Request Forgery via Admin Action Endpoint

CVE-2024-51382 HIGH

JATOS 3.9.3 - Cross-Site Request Forgery

CVE-2024-51381 HIGH

JATOS 3.9.3 - Cross-Site Request Forgery

CVE-2024-10711 HIGH

WooCommerce Report < 1.5.1 - Cross-Site Request Forgery via Settings Update Functionality

CVE-2024-9689 MEDIUM

Post From Frontend < 1.0.0 - Cross-Site Request Forgery via Post Deletion

CVE-2024-31998 HIGH

Combodo iTop - CSV Import Simulation CSRF

CVE-2024-48057 MEDIUM

mudler/localai <=2.20.1 - Cross-Site Scripting via Delete Model API

CVE-2024-30617 MEDIUM

Chamilo LMS 1.11.26 - Cross-Site Request Forgery in Social Wall Post

CVE-2024-41744 MEDIUM

IBM CICS TX Standard 11.1 - Cross-Site Request Forgery

CVE-2024-47359 MEDIUM

Depicter Slider <3.2.2 - Info Disclosure

CVE-2024-39639 MEDIUM

WordPress File Upload < 4.24.7 - Cross-Site Request Forgery via Incorrectly Configured Access Control

CVE-2024-10605 MEDIUM

Blood Bank Management System 1.0 - Cross-Site Request Forgery in /file/request.php

CVE-2024-49685 MEDIUM

Smash Balloon Custom Twitter Feeds - CSRF

CVE-2024-49674 CRITICAL

Lukas Huser EKC Tournament Manager - CSRF

Previous Page 107 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy