CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,374 vulnerabilities with CWE-352
CVE-2020-19280
HIGH
Jeesns 1.4.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-19268
MEDIUM
Dswjcms 1.6.4 - Authenticated Cross-Site Request Forgery in User/tfAdd
CVSS 5.7
CVE-2020-19264
MEDIUM
MipCMS 5.0.1 - Cross-Site Request Forgery via User Addition Endpoint
CVSS 6.5
CVE-2020-19263
HIGH
MipCMS 5.0.1 - Cross-Site Request Forgery via User Privilege Escalation Endpoint
CVSS 8.8
CVE-2020-20343
MEDIUM
WTCMS 1.0 - Cross-Site Request Forgery in Admin Article Addition
CVSS 6.5
CVE-2020-19047
HIGH
iwebshop v5.3 - Cross-Site Request Forgery via Admin Edit POST Request
CVSS 8.8
CVE-2020-18124
MEDIUM
Indexhibit 2.1.5 - Cross-Site Request Forgery
CVSS 5.7
CVE-2020-18123
MEDIUM
Indexhibit 2.1.5 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-18917
HIGH
dedecms 5.7 SP2 - Remote Code Execution via typename Parameter
CVSS 8.8
CVE-2020-24130
HIGH
Ponzu 0.11.0 - Cross-Site Request Forgery in Configure Component
CVSS 8.1
CVE-2020-20642
HIGH
EyouCMS 1.3.6 - Cross-Site Request Forgery via Filemanager Newfile Endpoint
CVSS 8.8
CVE-2020-19669
HIGH
Eyoucms 1.3.6 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2020-28846
MEDIUM
SeaCMS 10.7 - Cross-Site Request Forgery in admin_manager.php
CVSS 6.5
CVE-2020-4992
MEDIUM
IBM DataPower Gateway 2018.4.1.0-2018.4.1.16 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-22403
HIGH
express-cart < 1.1.17 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-20989
MEDIUM
Domainmod 4.13 - Cross-Site Request Forgery in Admin Maintenance Log Deletion
CVSS 4.3
CVE-2020-18464
LOW
AikCms 2.0.0 - Cross-Site Request Forgery in video_list.php
CVSS 3.5
CVE-2020-18463
LOW
aikcms 2.0.0 - Cross-Site Request Forgery in video_list.php
CVSS 2.4
CVE-2020-18460
HIGH
711cms v1.0.7 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2020-18458
HIGH
DamiCMS 6.0.6 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.0
CVE-2020-18457
MEDIUM
bycms 1.3.0 - Cross-Site Request Forgery via Admin Account Addition
CVSS 6.8
CVE-2020-18454
MEDIUM
bycms v1.3 - Cross-Site Request Forgery via admin.php/systems/index/module_id/70/group_id/1.html
CVSS 6.8
CVE-2020-25562
MEDIUM
SapphireIMS 5.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-21358
MEDIUM
Wage-CMS 1.5.x-dev - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-18694
HIGH
IgnitedCMS v1.0 - Cross-Site Request Forgery in Profile Save Endpoint
CVSS 8.8
Details
Vulnerabilities
9,374
Exploit Likelihood
Medium