Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,347 vulnerabilities with CWE-352

CVE-2024-5185 HIGH

EmbedAI < b2ad64a8 - Cross-Site Request Forgery via Weak Session Management

CVE-2024-4429 MEDIUM

OpenText iManager 3.2.6.0200 - CSRF

CVE-2024-5428 MEDIUM

SourceCodester Simple Online Bidding System 1.0 - Cross-Site Request Forgery in HTTP POST Request Handler

CVE-2024-4535 HIGH

KKProgressbar2 Free < 1.1.4.2 - Cross-Site Request Forgery

CVE-2024-4534 MEDIUM

KKProgressbar2 Free < 1.1.4.2 - Cross-Site Request Forgery and Stored Cross-Site Scripting

CVE-2024-4532 MEDIUM

Business Card WordPress plugin <= 1.0.0 - Cross-Site Request Forgery

CVE-2024-4531 HIGH

Business Card WordPress Plugin <= 1.0.0 - Cross-Site Request Forgery

CVE-2024-4530 MEDIUM

Business Card WordPress Plugin <= 1.0.0 - Cross-Site Request Forgery via Card Category Editing

CVE-2024-4529 MEDIUM

Business Card WordPress Plugin <= 1.0.0 - Cross-Site Request Forgery via Card Category Deletion

CVE-2024-36255 MEDIUM

Mattermost <9.5.3, 9.6.1, 8.1.12 - RCE

CVE-2024-4409 MEDIUM

WP-ViperGB <= 1.6.1 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-35561 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/ca_deal.php

CVE-2024-35560 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/ca_deal.php

CVE-2024-35559 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/infoMove_deal.php

CVE-2024-35558 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/ca_deal.php

CVE-2024-35557 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/vpsApi_deal.php

CVE-2024-35556 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/vpsSys_deal.php?mudi=infoSet

CVE-2024-35555 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/share_switch.php

CVE-2024-35554 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/infoWeb_deal.php

CVE-2024-35553 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/infoMove_deal.php

CVE-2024-35552 HIGH

idccms v1.35 - Cross-Site Request Forgery via /admin/infoMove_deal.php

CVE-2024-35551 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/infoWeb_deal.php?mudi=add

CVE-2024-35550 MEDIUM

idccms v1.35 - Cross-Site Request Forgery via /admin/infoWeb_deal.php?mudi=rev

CVE-2024-35475 MEDIUM

OpenKM < 6.3.12 - Cross-Site Request Forgery in DatabaseQuery Endpoint

CVE-2024-1446 MEDIUM

NextScripts: Social Networks Auto-Poster <= 4.4.3 - Cross-Site Request Forgery via nxssnap-reposter Page

Previous Page 125 of 374 Next

Details

Vulnerabilities 9,347

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy