CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,374 vulnerabilities with CWE-352
CVE-2020-7534
HIGH
Schneider Electric Modicon M340 BMXP342020 Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-29292
MEDIUM
iBall WRD12EN 1.0.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-21236
HIGH
DamiCMS v6.0 - Cross-Site Request Forgery in Article Edit Endpoint
CVSS 8.8
CVE-2020-20945
HIGH
Qibosoft v7 - Cross-Site Request Forgery in Admin Member Edit Endpoint
CVSS 8.8
CVE-2020-20943
MEDIUM
Qibosoft v7 - Cross-Site Request Forgery in Post Article Endpoint
CVSS 4.3
CVE-2020-20595
MEDIUM
OPMS <= 1.3 - Cross-Site Request Forgery via User Add Endpoint
CVSS 6.5
CVE-2020-20593
HIGH
Rockoa 1.9.8 - Authenticated Administrator Account Creation via CSRF
CVSS 8.0
CVE-2020-19682
HIGH
zzzcms V1.7.1 - Cross-Site Request Forgery via save_user Function
CVSS 8.8
CVE-2020-21141
HIGH
iCMS 7.0.15 - Cross-Site Request Forgery via Admin Member Addition
CVSS 8.8
CVE-2020-28137
MEDIUM
Genexis Platinum 4410 V2-1.28 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-21139
MEDIUM
EC Cloud E-Commerce System 1.3 - Cross-Site Request Forgery via Admin Account Addition
CVSS 6.5
CVE-2020-23686
HIGH
AyaCMS 3.1.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-36505
MEDIUM
Delete All Comments Easily < 1.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-36504
MEDIUM
WP-Pro-Quiz < 0.37 - Cross-Site Request Forgery via Quiz Deletion
CVSS 6.5
CVE-2020-19964
MEDIUM
PHPMyWind 5.6 - Unauthenticated Cross-Site Request Forgery
CVSS 6.5
CVE-2020-21658
MEDIUM
wdja_cms 1.5.2 - Cross-Site Request Forgery via Administrator Account Addition
CVSS 6.5
CVE-2020-21386
HIGH
Maccms 10 - Cross-Site Request Forgery in admin.php/admin/type/info.html
CVSS 8.8
CVE-2020-20693
HIGH
GilaCMS 1.11.4 - Authenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2020-20514
HIGH
Maccms v10 - Authenticated Cross-Site Request Forgery via admin.php/admin/admin/del/ids Endpoint
CVSS 8.1
CVE-2020-19951
HIGH
YzmCMS v5.5 - Cross-Site Request Forgery in Pay Controller
CVSS 8.8
CVE-2020-21321
MEDIUM
emlog v6.0 - Cross-Site Request Forgery via /admin/link.php?action=addlink
CVSS 4.3
CVE-2020-21126
HIGH
MetInfo 7.0.0 - Cross-Site Request Forgery via admin/?n=admin&c=index&a=doSaveInfo
CVSS 8.8
CVE-2020-19159
HIGH
LaikeTui v3 - Cross-Site Request Forgery via Member Add Endpoint
CVSS 8.8
CVE-2020-21081
MEDIUM
Maccms 8.0 - Cross-Site Request Forgery via Crafted URL
CVSS 6.5
CVE-2020-20671
HIGH
kitecms V1.1 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,374
Exploit Likelihood
Medium