CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2022-42751
HIGH
CandidATS 3.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-3852
HIGH
VR Calendar < 2.3.3 - Cross-Site Request Forgery via Missing Nonce Validation
CVSS 8.8
CVE-2022-3776
HIGH
Restaurant Menu - Food Ordering System - Table Reservation < 2.3.2 - Cross-Site Request Forgery via AJAX Actions
CVSS 8.8
CVE-2022-40291
HIGH
php_point_of_sale - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-3419
MEDIUM
Automatic User Roles Switcher < 1.1.2 - Authenticated Privilege Escalation via Missing Authorization
CVSS 6.5
CVE-2022-40488
MEDIUM
ProcessWire 3.0.200 - Cross-Site Request Forgery
CVSS 6.5
CVE-2022-43340
HIGH
dzzoffice 2.02.1_SC_UTF8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-41996
HIGH
ThemeFusion Avada <= 7.8.1 - Cross-Site Request Forgery leading to Arbitrary Plugin Installation
CVSS 8.8
CVE-2022-2762
MEDIUM
AdminPad < 2.2 - Cross-Site Request Forgery in Admin Note Update
CVSS 6.5
CVE-2022-42199
HIGH
Simple Exam Reviewer Management System 1.0 - Cross-Site Request Forgery via Exam List
CVSS 8.8
CVE-2022-43418
MEDIUM
Jenkins Katalon Plugin <1.0.33 - CSRF
CVSS 4.3
CVE-2022-43408
MEDIUM
Jenkins Pipeline: Stage View Plugin <2.26 - CSRF Bypass
CVSS 6.5
CVE-2022-43407
HIGH
Jenkins Pipeline: Input Step Plugin <451.vf1a_a_4f405289 - CSRF Bypass
CVSS 8.8
CVE-2022-41500
HIGH
EyouCMS V1.5.9 - Cross-Site Request Forgery via Members Center, Editorial Membership, and Points Recharge
CVSS 8.8
CVE-2022-3585
MEDIUM
SourceCodester Simple Cold Storage Management System 1.0 - CSRF
CVSS 4.3
CVE-2022-3582
MEDIUM
SourceCodester Simple Cold Storage Management System 1.0 - CSRF
CVSS 4.3
CVE-2022-23771
HIGH
IPTIME NAS1DUAL, NAS2DUAL, NAS4DUAL Firmware < 1.4.86 - Cross-Site Request Forgery in User Account Management
CVSS 8.0
CVE-2022-3151
MEDIUM
WP Custom Cursors < 3.0.1 - Cross-Site Request Forgery via Cursor Deletion
CVSS 4.3
CVE-2022-3149
MEDIUM
WP Custom Cursors < 3.0.1 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 6.1
CVE-2022-3126
MEDIUM
Frontend File Manager Plugin < 21.4 - Cross-Site Request Forgery via File Upload
CVSS 4.3
CVE-2022-3082
MEDIUM
miniOrange Discord Integration <2.1.6 - CSRF
CVSS 6.5
CVE-2022-42070
HIGH
Online Birth Certificate Management System 1.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2022-35611
MEDIUM
MQTTRoute <= 3.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2022-41489
HIGH
WAYOS LQ-09 22.03.17V - Cross-Site Request Forgery via Usb_upload.htm
CVSS 8.1
CVE-2022-41475
HIGH
RPCMS 3.0.2 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,371
Exploit Likelihood
Medium