CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,376 vulnerabilities with CWE-352
CVE-2020-10181
CRITICAL
KEV
Sumavision Enhanced Multimedia Router Firmware 3.0.4.27 - Cross-Site Request Forgery via formEMR30
CVSS 9.8
CVE-2020-6206
MEDIUM
SAP Cloud Platform Integration - CSRF
CVSS 4.3
CVE-2020-2147
MEDIUM
Jenkins Mac Plugin < 1.1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2020-2141
MEDIUM
Jenkins P4 Plugin < 1.10.10 - Cross-Site Request Forgery
CVSS 4.3
CVE-2020-9454
HIGH
RegistrationMagic < 4.6.0.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-3148
HIGH
Cisco Prime Network Registrar - CSRF
CVSS 7.1
CVE-2020-10057
HIGH
GeniXCMS 1.1.7 - Cross-Site Request Forgery via Unvalidated Token
CVSS 8.8
CVE-2020-7988
HIGH
phpipam 1.4 - Cross-Site Request Forgery in Password Change
CVSS 8.8
CVE-2020-5402
HIGH
Cloudfoundry Cf-deployment < 12.33.0 - CSRF
CVSS 8.8
CVE-2020-9394
HIGH
Pricing Table by Supsystic < 1.8.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-9018
MEDIUM
LiteCart < 2.2.1 - Cross-Site Request Forgery via Admin User Edit Endpoint
CVSS 5.3
CVE-2020-9341
HIGH
CandidATS 2.1.0 - Cross-Site Request Forgery via Add User URI
CVSS 8.8
CVE-2020-3114
HIGH
Cisco DCNM - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-9271
MEDIUM
icehrm 26.2.0 - Cross-Site Request Forgery via service.php
CVSS 6.5
CVE-2020-9270
HIGH
icehrm 26.2.0 - Cross-Site Request Forgery via service.php
CVSS 8.8
CVE-2020-9267
MEDIUM
Soplanning - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-9266
MEDIUM
SOPlanning 1.45 - Cross-Site Request Forgery via xajax_server.php
CVSS 6.5
CVE-2020-6844
HIGH
TopManage OLK 2020 - Cross-Site Request Forgery in Login
CVSS 8.8
CVE-2020-5530
HIGH
Easy Property Listings < 3.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-1692
HIGH
Moodle < 3.7.2 - Information Exposure of Service Tokens
CVSS 8.1
CVE-2020-1977
HIGH
Expedition Migration Tool < 1.1.51 - Unauthenticated Cross-Site Request Forgery
CVSS 7.5
CVE-2020-2116
HIGH
Jenkins Pipeline GitHub Notify Step < 1.0.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-8658
HIGH
BestWebSoft Htaccess < 1.8.1 - Cross-Site Request Forgery via htaccess_editor Action
CVSS 8.8
CVE-2020-8615
MEDIUM
Tutor LMS < 1.5.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2020-8505
MEDIUM
arox School Management Software PHP/mySQL < 2019-03-14 - Cross-Site Request Forgery via office_admin/?action=deleteadmin
CVSS 6.5
Details
Vulnerabilities
9,376
Exploit Likelihood
Medium