CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,375 vulnerabilities with CWE-352
CVE-2020-8168
HIGH
UI AirOS < 6.2.0 - Authenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2020-13458
HIGH
verbb Image Resizer < 2.0.9 - Cross-Site Request Forgery in Log-Clear Action
CVSS 8.8
CVE-2020-13416
MEDIUM
Aviatrix Controller <5.4.1066 - CSRF
CVSS 6.5
CVE-2020-13412
HIGH
Aviatrix Controller <5.4.1204 - CSRF
CVSS 8.8
CVE-2020-1103
MEDIUM
Microsoft SharePoint Server - Information Disclosure via Cross-Site Search Attack
CVSS 6.5
CVE-2020-13231
MEDIUM
Cacti < 1.2.11 - Cross-Site Request Forgery via Admin Email Change
CVSS 6.5
CVE-2020-4286
MEDIUM
IBM InfoSphere Information Server 11.3, 11.5, 11.7 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-12257
HIGH
rConfig 3.9.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-5576
HIGH
Movable Type <7.2.1, <6.5.3, <6.3.11 - CSRF
CVSS 8.8
CVE-2020-11069
HIGH
TYPO3 CMS 9.0.0-9.5.16 and 10.0.0-10.4.1 - Same-Site Request Forgery via Malicious Uploaded Resource
CVSS 8.0
CVE-2020-12427
HIGH
Western Digital WD Discovery <3.8.229 - CSRF
CVSS 8.8
CVE-2020-11060
HIGH
GLPI < 9.4.6 - Authenticated Remote Code Execution via Backup Functionality
CVSS 7.4
CVE-2020-5745
HIGH
TCExam 14.2.2 - Cross-Site Request Forgery
CVSS 7.4
CVE-2020-2186
MEDIUM
Jenkins Amazon EC2 Plugin < 1.50.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2020-2184
MEDIUM
Jenkins CVS Plugin < 2.16 - Cross-Site Request Forgery
CVSS 4.3
CVE-2020-8830
HIGH
Ruckus ZoneFlex R500 Firmware - Server-Side Request Forgery via SUBCA-1 Field
CVSS 8.8
CVE-2020-8829
HIGH
Intelbras CIP 92200 Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-7983
HIGH
Ruckus ZoneFlex R500 Firmware 3.4.2.0.384 - Cross-Site Request Forgery in login.asp
CVSS 8.1
CVE-2020-5517
MEDIUM
BlueOnyx 5209R Firmware - Cross-Site Request Forgery in /login URI
CVSS 6.5
CVE-2020-5335
MEDIUM
RSA Archer < 6.7.0.2 - Cross-Site Request Forgery
CVSS 5.0
CVE-2020-12626
MEDIUM
Roundcube Webmail < 1.4.4 - Cross-Site Request Forgery via Logout POST Request
CVSS 6.5
CVE-2020-12462
MEDIUM
ninja-forms < 3.4.24.2 - Cross-Site Request Forgery with Resultant Cross-Site Scripting
CVSS 6.1
CVE-2020-12076
HIGH
Data Tables Generator by Supsystic < 1.9.92 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-10892
HIGH
Foxit PhantomPDF and Reader < 9.7.1.29511 - Arbitrary File Write via CombineFiles Command
CVSS 8.8
CVE-2020-10890
HIGH
Foxit PhantomPDF and Reader < 9.7.1.29511 - Arbitrary File Write via ConvertToPDF Command
CVSS 8.8
Details
Vulnerabilities
9,375
Exploit Likelihood
Medium