CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,375 vulnerabilities with CWE-352
CVE-2020-25622
HIGH
SolarWinds N-Central 12.3.0.670 - Cross-Site Request Forgery via AdvancedScripts Endpoint
CVSS 8.8
CVE-2020-14368
HIGH
Eclipse Che < 7.14.0 - Cross-Site Request Forgery via SameSite Cookie Misconfiguration
CVSS 7.1
CVE-2020-8282
HIGH
Ubiquiti EdgePower <=1.7.0 - Remote Code Execution via Missing CSRF Protection
CVSS 8.8
CVE-2020-28858
HIGH
OpenAsset Digital Asset Management <= 12.0.19 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-29254
HIGH
TikiWiki 21.2 - Cross-Site Request Forgery in Template Editor
CVSS 8.8
CVE-2020-28838
LOW
OpenCart 3.0.3.6 - Cross-Site Request Forgery in Cart Option
CVSS 3.5
CVE-2020-35135
HIGH
Ultimate Category Excluder < 1.2 - Cross-Site Request Forgery via ultimate-category-excluder.php
CVSS 8.8
CVE-2020-2321
HIGH
Jenkins Shelve Project Plugin <3.0 - CSRF
CVSS 8.1
CVE-2020-14369
MEDIUM
Red Hat CloudForms < 5.11 - Cross-Site Request Forgery via Crafted Flash File
CVSS 6.3
CVE-2020-29458
HIGH
Textpattern CMS 4.6.2 - Cross-Site Request Forgery via Prefs Subsystem
CVSS 8.8
CVE-2020-4127
MEDIUM
HCL Domino < 9.0.1 - Cross-Site Request Forgery in Login
CVSS 6.5
CVE-2020-17901
MEDIUM
PbootCMS 1.3.2 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-7780
MEDIUM
com.softwaremill.akka-http-session <0.5.11 - CSRF
CVSS 6.3
CVE-2020-26936
HIGH
Cloudera Data Engineering <1.1 - CSRF
CVSS 8.8
CVE-2020-13620
HIGH
Fastweb FASTGate GPON FGA2130FWB Firmware < 2020-05-26 - Cross-Site Request Forgery via Router Administration Web Panel
CVSS 8.8
CVE-2020-25472
MEDIUM
SimplePHPscripts News Script PHP Pro 2.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-5641
MEDIUM
GS108Ev3 Firmware < 2.06.10 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-13350
LOW
GitLab CE/EE >=13.5.0,<13.5.2,>=13.4.0,<13.4.5,<13.3.9 - CSRF
CVSS 3.1
CVE-2020-28649
HIGH
Orbisius Child Theme Creator < 1.5.2 - Cross-Site Request Forgery via orbisius_ctc_theme_editor_manage_file
CVSS 8.8
CVE-2020-7332
HIGH
McAfee Endpoint Security < 10.6.1 - Cross-Site Request Forgery in Firewall ePO Extension
CVSS 7.0
CVE-2020-27146
MEDIUM
TIBCO iProcess Workspace (Browser) <11.6.0 - CSRF
CVSS 5.0
CVE-2020-27016
HIGH
Trend Micro InterScan Messaging Security Virtual Appliance < 9.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-4651
MEDIUM
IBM Maximo Spatial Asset Management 7.6.0.3-7.6.1.0 - Cross-Site Request Forgery
CVSS 4.8
CVE-2020-15259
HIGH
auth0 ad/ldap_connector < 5.0.13 - Cross-Site Request Forgery in Admin Panel
CVSS 8.1
CVE-2020-27692
HIGH
Verve Connect VH510 Firmware < 1.0.1.6l0516 - Cross-Site Request Forgery in Web Management Portal
CVSS 8.8
Details
Vulnerabilities
9,375
Exploit Likelihood
Medium