CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,375 vulnerabilities with CWE-352
CVE-2020-13658
HIGH
Lansweeper - Cross-Site Request Forgery
CVSS 8.0
CVE-2020-25142
MEDIUM
Observium 20.8.10631 - Cross-Site Request Forgery via Device Settings Form
CVSS 6.5
CVE-2020-23837
HIGH
GetSimple CMS Multi User 1.8.2 - CSRF
CVSS 8.8
CVE-2020-12841
MEDIUM
iSmartGate PRO 1.5.9 - Cross-Site Request Forgery via Image Upload
CVSS 6.5
CVE-2020-12840
MEDIUM
iSmartGate PRO 1.5.9 - Cross-Site Request Forgery via Sound File Upload
CVSS 6.5
CVE-2020-12282
HIGH
iSmartgate PRO 1.5.9 - Cross-Site Request Forgery via Busca Parameter
CVSS 8.8
CVE-2020-12281
MEDIUM
iSmartgate PRO 1.5.9 - Cross-Site Request Forgery via User Creation Endpoint
CVSS 6.5
CVE-2020-12280
MEDIUM
iSmartgate PRO 1.5.9 - Cross-Site Request Forgery via /isg/opendoor.php
CVSS 6.5
CVE-2020-5783
MEDIUM
IgniteNet HeliOS GLinq <v2.2.1 r2961 - CSRF
CVSS 5.4
CVE-2020-2281
MEDIUM
Jenkins Lockable Resources Plugin <2.8 - CSRF
CVSS 5.4
CVE-2020-2280
HIGH
Jenkins Warnings Plugin <5.0.1 - CSRF
CVSS 8.8
CVE-2020-3135
HIGH
Cisco Unified Communications Manager < 11.5(1) - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-3124
MEDIUM
Cisco Hosted Collaboration Mediation Fulfillment < 12.5(1) - Unauthenticated Cross-Site Request Forgery
CVSS 6.5
CVE-2020-14025
HIGH
Ozeki NG SMS Gateway <= 4.17.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-4617
HIGH
IBM Data Risk Manager < 2.0.6.4 - Cross-Site Request Forgery
CVSS 8.1
CVE-2020-14506
LOW
Philips Clinical Collaboration Platform < 12.2.1 - Cross-Site Request Forgery
CVSS 3.4
CVE-2020-15182
HIGH
SOY CMS < 3.0.2.328 and SOY Inquiry < 2.0.0.4 - Authenticated Remote Code Execution via CSRF
CVSS 8.4
CVE-2020-24373
HIGH
Freebox Server < 4.2.3 - Cross-Site Request Forgery via UPnP MediaServer
CVSS 8.8
CVE-2020-13259
HIGH
RAD SecFlow-1v os-image SF_0290_2.3.01.26 - CSRF
CVSS 8.8
CVE-2020-25015
MEDIUM
Genexis Platinum 4410 V2-1.28 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-2273
MEDIUM
Jenkins ElasTest Plugin <1.2.1 - CSRF
CVSS 4.3
CVE-2020-2268
HIGH
Jenkins MongoDB Plugin < 1.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-25453
HIGH
BlackCat CMS < 1.4 - Cross-Site Request Forgery Bypass
CVSS 8.8
CVE-2020-4526
MEDIUM
IBM Maximo Asset Management 7.6.0-7.6.0.10 - Cross-Site Request Forgery
CVSS 4.3
CVE-2020-23451
HIGH
Spiceworks <= 7.5.00107 - Cross-Site Request Forgery via /settings/v1/users
CVSS 8.8
Details
Vulnerabilities
9,375
Exploit Likelihood
Medium