Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,348 vulnerabilities with CWE-352

CVE-2024-27194 HIGH

Fontific | Google Fonts <0.1.6 - CSRF

CVE-2024-2483 MEDIUM

Surya2Developer Hostel Management Service 1.0 - CSRF

CVE-2024-27265 MEDIUM

IBM Integration Bus for z/OS <10.1.0.3 - CSRF

CVE-2024-28195 HIGH

your_spotify < 1.9.0 - Cross-Site Request Forgery in API and Login Flow

CVE-2024-28682 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via sys_cache_up.php

CVE-2024-28681 MEDIUM

DedeCMS v5.7 - Cross-Site Request Forgery via /dede/plus_edit.php

CVE-2024-28678 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via /dede/article_description_main.php

CVE-2024-28677 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via article_keywords_main.php

CVE-2024-28673 HIGH

DedeCMS v5.7 - Cross-Site Request Forgery via /dede/mychannel_edit.php

CVE-2024-28672 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via media_edit.php

CVE-2024-28670 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via /dede/freelist_main.php

CVE-2024-28669 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via /dede/freelist_edit.php

CVE-2024-1642 MEDIUM

MainWP Dashboard < 4.6.0.1 - Cross-Site Request Forgery via Posting Bulk Function

CVE-2024-1489 MEDIUM

SMS Alert Order Notifications < 3.6.9 - Cross-Site Request Forgery via processBulkAction Function

CVE-2024-0830 MEDIUM

Comments Extra Fields For Post,PAGES And CPT <5.0 - CSRF

CVE-2024-0827 MEDIUM

Play.ht <= 3.6.4 - Cross-Site Request Forgery via Missing Nonce Validation

CVE-2024-0592 MEDIUM

WordPress Related Posts <2.2.1 - CSRF

CVE-2024-28684 HIGH

DedeCMS v5.7 - Cross-Site Request Forgery via /dede/module_main.php

CVE-2024-28675 HIGH

DedeCMS v5.7 - Cross-Site Request Forgery via diy_edit.php

CVE-2024-28667 MEDIUM

DedeCMS v5.7 - Cross-Site Request Forgery via templets_one_edit.php

CVE-2024-28666 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via /dede/media_add.php

CVE-2024-28665 HIGH

dedecms v5.7 - Cross-Site Request Forgery via article_add.php

CVE-2024-28432 HIGH

dedecms v5.7 - Cross-Site Request Forgery via article_edit.php

CVE-2024-28431 HIGH

dedecms v5.7 - Cross-Site Request Forgery via /dede/catalog_del.php

CVE-2024-28430 MEDIUM

dedecms v5.7 - Cross-Site Request Forgery via /dede/catalog_edit.php

Previous Page 141 of 374 Next

Details

Vulnerabilities 9,348

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy