CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,375 vulnerabilities with CWE-352
CVE-2020-22273
MEDIUM
Neoflex Video Subscription System 2.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-2303
MEDIUM
Jenkins Active Directory Plugin <2.19 - CSRF
CVSS 4.3
CVE-2020-28040
MEDIUM
WordPress < 5.5.2 - Cross-Site Request Forgery via Theme Background Image Change
CVSS 4.3
CVE-2020-11485
HIGH
Intel BMC Firmware < 3.38.30 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-16256
HIGH
winston_firmware 1.5.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-27975
HIGH
osCommerce Phoenix CE < 1.0.5.4 - Cross-Site Request Forgery in admin/define_language.php
CVSS 8.8
CVE-2020-24847
MEDIUM
FruityWifi <= 2.4 - Cross-Site Request Forgery in page_config_adv.php
CVSS 4.3
CVE-2020-18129
HIGH
Eyoucms 1.2.7 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2020-24033
HIGH
fs.com S3900 24T4S < 1.7.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-3456
HIGH
Cisco Firepower Extensible Operating System - Cross-Site Request Forgery in Firepower Chassis Manager
CVSS 8.8
CVE-2020-5790
MEDIUM
Nagios XI 5.7.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-12502
HIGH
Pepperl+Fuchs P+F Comtrol - Unauthorized Access
CVSS 8.8
CVE-2020-5642
HIGH
Live Chat - Live support < 3.1.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-4773
MEDIUM
IBM Curam Social Program Management 7.0.9 and 7.0.10 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-26912
HIGH
NETGEAR Multiple Router Models Firmware - Cross-Site Request Forgery
CVSS 7.5
CVE-2020-26522
HIGH
Garfield Petshop < 2020-10-01 - Cross-Site Request Forgery in User Management
CVSS 8.8
CVE-2020-26802
HIGH
forma.lms 2.3.0.2 - CSRF
CVSS 8.8
CVE-2020-2296
MEDIUM
Jenkins Shared Objects Plugin <0.44 - CSRF
CVSS 4.3
CVE-2020-2295
MEDIUM
Jenkins Maven Cascade Release Plugin <1.3.2 - CSRF
CVSS 6.5
CVE-2020-25263
HIGH
PyroCMS 3.7 - Cross-Site Request Forgery via Admin Addons Uninstall Endpoint
CVSS 7.1
CVE-2020-25262
MEDIUM
PyroCMS 3.7 - Cross-Site Request Forgery via Admin Pages Delete Endpoint
CVSS 4.3
CVE-2020-25986
MEDIUM
MonoCMS Blog 1.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-12123
HIGH
WAVLINK WN530H4 M30H4.V5030.190403 - Cross-Site Request Forgery in /cgi-bin/ Directory
CVSS 8.1
CVE-2020-5786
HIGH
Teltonika TRB245 Firmware TRB2_R_00.02.04.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-24570
MEDIUM
MB CONNECT LINE mymbCONNECT24 & mbCONNECT24 < 2.6.1 - CSRF & SSRF via com_mb24proxy
CVSS 6.5
Details
Vulnerabilities
9,375
Exploit Likelihood
Medium