CWE-352
Medium likelihood
Cross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,371 vulnerabilities with CWE-352
CVE-2021-36861
MEDIUM
Rich Reviews by Starfish <= 1.9.14 - Cross-Site Request Forgery
CVSS 5.4
CVE-2021-40335
MEDIUM
Hitachi Energy Modular Switchgear Monitoring Firmware < 2.2.0 - Cross-Site Request Forgery
CVSS 5.0
CVE-2021-38868
MEDIUM
IBM Engineering Requirements Quality Assistant - CSRF
CVSS 6.5
CVE-2021-31679
MEDIUM
PESCMS-V2.3.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-31678
MEDIUM
PESCMS-V2.3.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-31677
MEDIUM
PESCMS-V2.3.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-23163
LOW
JFrog Artifactory <7.33.6,6.23.38 - CSRF
CVSS 3.1
CVE-2021-36891
MEDIUM
Photo Gallery by Supsystic <= 1.15.5 - Cross-Site Request Forgery
CVSS 5.4
CVE-2021-25116
MEDIUM
Enqueue Anything WordPress Plugin < 1.0.1 - Unauthenticated Arbitrary Asset Deletion
CVSS 6.5
CVE-2021-44117
HIGH
Fuel CMS 1.5.0 - Cross-Site Request Forgery via Site Variables Deletion Endpoint
CVSS 8.8
CVE-2021-36890
MEDIUM
Social Share Buttons by Supsystic <= 2.2.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-34360
MEDIUM
QNAP NAS Proxy Server 1.4.0-1.4.1 - Cross-Site Request Forgery
CVSS 5.3
CVE-2021-27759
LOW
HCLTech BigFix Inventory 9.0 through 10.0.7.0 - Cross-Site Request Forgery
CVSS 2.3
CVE-2021-27758
MEDIUM
Login Form - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-43937
HIGH
Elcomplus SmartPTT SCADA Server - Info Disclosure
CVSS 7.6
CVE-2021-24805
MEDIUM
DW Question & Answer Pro <1.3.4 - CSRF
CVSS 4.3
CVE-2021-38886
HIGH
IBM Cognos Analytics <11.2.0 - CSRF
CVSS 8.8
CVE-2021-32929
MEDIUM
Uffizio GPS Tracker - Privilege Escalation
CVSS 4.3
CVE-2021-4096
HIGH
Fancy Product Designer <4.7.5 - CSRF
CVSS 8.8
CVE-2021-36914
MEDIUM
CalderaWP License Manager <= 1.2.11 - Cross-Site Request Forgery Leading to Reflected Cross-Site Scripting
CVSS 6.1
CVE-2021-32162
HIGH
Webmin 1.973 - Cross-Site Request Forgery via File Manager
CVSS 8.8
CVE-2021-32159
HIGH
Webmin 1.973 - Cross-Site Request Forgery via Upload and Download Feature
CVSS 8.8
CVE-2021-32156
HIGH
Webmin 1.973 - Cross-Site Request Forgery via Scheduled Cron Jobs
CVSS 8.8
CVE-2021-41245
MEDIUM
Combodo iTop < 2.7.6 - Cross-Site Request Forgery via privUITransactionFile
CVSS 6.5
CVE-2021-44312
HIGH
Firmware Analysis and Comparison Tool - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities: 9,371
Exploit Likelihood: Medium