Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-39158 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/userSys_deal.php?mudi=infoSet

CVE-2024-39157 LOW

idccms v1.35 - Cross-Site Request Forgery via /admin/ipRecord_deal.php

CVE-2024-39156 LOW

idccms v1.35 - Cross-Site Request Forgery via /admin/keyWord_deal.php?mudi=add

CVE-2024-39155 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/ipRecord_deal.php

CVE-2024-39154 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/keyWord_deal.php

CVE-2024-39153 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/info_deal.php

CVE-2024-4758 HIGH

Muslim Prayer Time BD < 2.5 - Cross-Site Request Forgery via Settings Reset

CVE-2024-4757 HIGH

Logo Manager For Enamad < 0.7 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-4839 LOW

lollms-webui 9.6-latest - Cross-Site Request Forgery in Servers Configurations

CVE-2024-4499 MEDIUM

lollms 9.6 - Cross-Site Request Forgery via Lax CORS Policy

CVE-2024-5596 MEDIUM

ARMember Premium < 6.7 - Cross-Site Request Forgery via Incorrect Nonce Validation

CVE-2024-3593 HIGH

UberMenu < 3.8.3 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-37230 MEDIUM

Rara Theme Book Landing Page <= 1.2.3 - Cross-Site Request Forgery

CVE-2024-37227 MEDIUM

Tribulant Newsletters < 4.9.7 - Cross-Site Request Forgery

CVE-2024-37212 HIGH

Ali2Woo Lite < 3.3.5 - Cross-Site Request Forgery

CVE-2024-37198 MEDIUM

blazethemes Digital Newspaper <= 1.1.5 - Cross-Site Request Forgery

CVE-2024-37118 MEDIUM

Uncanny Automator Pro < 5.3 - Cross-Site Request Forgery Leading to License Settings Reset

CVE-2024-35772 MEDIUM

presscustomizr Hueman <= 3.7.24 - Cross-Site Request Forgery

CVE-2024-35771 MEDIUM

Customizr < 4.4.21 - Cross-Site Request Forgery

CVE-2024-35770 MEDIUM

Vimeography < 2.4.1 - Cross-Site Request Forgery

CVE-2024-4969 MEDIUM

Widget Bundle < 2.0.0 - Cross-Site Request Forgery via Widget Logging

CVE-2024-4475 MEDIUM

WP Logs Book < 1.0.1 - Cross-Site Request Forgery via Log Clearing

CVE-2024-4474 MEDIUM

WP Logs Book < 1.0.1 - Cross-Site Request Forgery in Settings Update

CVE-2024-4382 MEDIUM

Wielebenwir Commonsbooking < 0.9.4.18 - CSRF

CVE-2024-5676 MEDIUM

Paradox IP150 Internet Module <1.40.00 - CSRF

Previous Page 122 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy