Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-8520 MEDIUM

Ultimate Member < 2.8.7 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-41987 HIGH

TEM Opera Plus FM Family Transmitter - CSRF

CVE-2024-42504 MEDIUM

HPE IceWall Agent products - Cross-Site Request Forgery in Login Flow

CVE-2024-8458 HIGH

PLANET GS-4210-24P2S and GS-4210-24PL4C Firmware - Cross-Site Request Forgery

CVE-2024-28948 HIGH

Advantech ADAM-5630 Firmware < 2.5.2 - Cross-Site Request Forgery

CVE-2024-9282 MEDIUM

1234n minicms < 1.11 - Cross-Site Request Forgery via page-edit.php

CVE-2024-9281 MEDIUM

MiniCMS < 1.11 - Cross-Site Request Forgery in post-edit.php

CVE-2024-45987 MEDIUM

Projectworld Online Voting System 1.0 - Cross-Site Request Forgery via voter.php

CVE-2024-45983 MEDIUM

kishan0725 Hospital Management System 6.3.5 - Cross-Site Request Forgery via Doctor Record Deletion

CVE-2024-45372 MEDIUM

MZK-DP300N Firmware <= 1.04 - Cross-Site Request Forgery

CVE-2024-47315 MEDIUM

GiveWP <= 3.15.1 - Cross-Site Request Forgery

CVE-2024-47305 MEDIUM

Use Any Font <= 6.3.08 - Cross-Site Request Forgery

CVE-2024-47082 MEDIUM

strawberry-graphql < 0.243.0 - Cross-Site Request Forgery via Multipart File Upload

CVE-2024-20437 HIGH

Cisco IOS XE - Unauthenticated Cross-Site Request Forgery via Web-Based Management Interface

CVE-2024-20414 MEDIUM

Cisco IOS XE - Unauthenticated Cross-Site Request Forgery via HTTP GET Method

CVE-2024-46600 MEDIUM

dingfanzu CMS 1.0 - Cross-Site Request Forgery via /admin/doAdminAction.php

CVE-2024-46485 MEDIUM

dingfanzu CMS 1.0 - Cross-Site Request Forgery via /admin/doAdminAction.php

CVE-2024-7892 MEDIUM

adstxt Plugin WordPress < 1.0.0 - Cross-Site Request Forgery in Settings Update

CVE-2024-8476 MEDIUM

Easy PayPal Events <= 1.2.1 - Cross-Site Request Forgery via wpeevent_plugin_buttons() Function

CVE-2024-7386 MEDIUM

Premium Packages - Sell Digital Products Securely <= 5.9.1 - Cross-Site Request Forgery via addRefund() Function

CVE-2024-8795 HIGH

BA Book Everything <= 1.6.20 - Cross-Site Request Forgery via my_account_update() Function

CVE-2024-46394 HIGH

FrogCMS v0.9.5 - Cross-Site Request Forgery via User Add Endpoint

CVE-2024-46086 HIGH

FrogCMS V0.9.5 - Cross-Site Request Forgery via File Manager Delete Endpoint

CVE-2024-44064 HIGH

LikeBtn Like Button Rating <= 2.6.53 - Cross-Site Scripting

CVE-2024-46362 HIGH

FrogCMS V0.9.5 - Cross-Site Request Forgery via /admin/?/plugin/file_manager/create_directory

Previous Page 111 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy