Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-40601 MEDIUM

MediaWiki < 1.42.1 - Cross-Site Request Forgery in MediaWikiChat Extension API Modules

CVE-2024-5616 MEDIUM

mudler/LocalAI <= 2.15.0 - Cross-Site Request Forgery in Model Deletion Functionality

CVE-2024-39023 HIGH

idccms v1.35 - Cross-Site Request Forgery via admin/info_deal.php

CVE-2024-39022 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/infoSys_deal.php?mudi=deal

CVE-2024-39021 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/vpsApiData_deal.php?mudi=del

CVE-2024-39020 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/vpsApiData_deal.php

CVE-2024-39019 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/idcProData_deal.php?mudi=del

CVE-2024-27717 MEDIUM

Eskooly Free Online School Management Software <3.0 - CSRF

CVE-2024-5943 HIGH

Nested Pages <= 3.2.7 - Cross-Site Request Forgery via Settings Page

CVE-2024-38345 HIGH

Sola Testimonials < 3.0.0 - Cross-Site Request Forgery

CVE-2024-38344 MEDIUM

WP Tweet Walls < 1.0.4 - Cross-Site Request Forgery

CVE-2024-2376 HIGH

WPQA Builder < 6.1.1 - Cross-Site Request Forgery

CVE-2024-2235 MEDIUM

Himer < 2.1.1 - Cross-Site Request Forgery in Poll Voting

CVE-2024-2233 MEDIUM

Himer < 2.1.1 - Cross-Site Request Forgery via Group Invitation Handling

CVE-2024-2040 MEDIUM

Himer < 2.1.1 - Cross-Site Request Forgery via Private Group Join

CVE-2024-4543 MEDIUM

Snippet Shortcodes <= 4.1.4 - Cross-Site Request Forgery via Shortcode Addition/Editing

CVE-2024-39326 MEDIUM

NationalSecurityAgency skills-service < 2.12.6 - Cross-Site Request Forgery via Admin Video Upload Endpoint

CVE-2024-39119 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via admin/info_deal.php

CVE-2024-5767 HIGH

sitetweet < 0.2 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-23737 MEDIUM

savignano S/Notify < 4.0.2 - Cross-Site Request Forgery via User Upload

CVE-2024-23736 HIGH

savignano S/Notify < 4.0.2 - Cross-Site Request Forgery via User Upload

CVE-2024-31902 MEDIUM

IBM InfoSphere Information Server 11.7 - CSRF

CVE-2024-6405 MEDIUM

Floating Social Buttons <1.5 - CSRF

CVE-2024-5712 HIGH

stitionai devika - Cross-Site Request Forgery

CVE-2024-5935 MEDIUM

pribai/privategpt 0.5.0 - Cross-Site Request Forgery

Previous Page 121 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy