CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,376 vulnerabilities with CWE-352
CVE-2019-20390
HIGH
Subrion CMS 4.2.1 - Cross-Site Request Forgery via Unvalidated GET Request
CVSS 8.1
CVE-2019-19517
HIGH
Intelbras RF1200 1.1.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-0235
HIGH
Apache OFBiz 17.12.01 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-4750
HIGH
IBM Cloud App Management <2019.4.0 - CSRF
CVSS 8.8
CVE-2019-20691
HIGH
NETGEAR D3600/D6000/EX3700/EX3800/EX6000/EX6100/EX6120/EX6130/EX6150/EX6200/EX7000/WN2500RP CSRF
CVSS 8.8
CVE-2019-18376
MEDIUM
Symantec Management Center - Cross-Site Request Forgery via Token Disclosure
CVSS 5.9
CVE-2019-19025
HIGH
Cloud Native Computing Foundation Harbor <1.8.6,1.9.3 - CSRF
CVSS 8.8
CVE-2019-16068
HIGH
NETSAS ENIGMA NMS < 65.0.0 - Cross-Site Request Forgery via manage_files.cgi
CVSS 8.8
CVE-2019-12769
HIGH
SolarWinds Serv-U Managed File Transfer < 15.1.6 Hotfix 2 - Cross-Site Request Forgery via File Upload
CVSS 8.8
CVE-2019-13199
MEDIUM
Kyocera ECOSYS M5526cdw Firmware 2R7_2000.001.701 - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-13170
MEDIUM
Xerox Phaser 3320 Firmware V53.006.16.000 - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-13395
HIGH
NETGEAR CG3700b Firmware V2.02.03 - Cross-Site Request Forgery via /goform/ URIs
CVSS 8.8
CVE-2019-17653
HIGH
Fortinet FortiSIEM 5.2.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-16107
MEDIUM
phpBB 3.2.7 - Cross-Site Request Forgery in Post Attachment Deletion
CVSS 4.3
CVE-2019-17642
HIGH
Centreon 18.0.0-18.10.8 - Unauthenticated Remote Code Execution via Autodiscovery Plugin CSRF
CVSS 8.8
CVE-2019-20487
HIGH
NETGEAR WNR1000V4 1.1.0.54 - Unauthenticated Cross-Site Request Forgery via setup.cgi
CVSS 8.8
CVE-2019-4726
MEDIUM
IBM Sterling B2B Integrator Standard Edition <5.2.6.5 - CSRF
CVSS 4.3
CVE-2019-19987
MEDIUM
Selesta Visual Access Manager 4.15.0-4.29.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-20480
HIGH
MIELE XGW 3000 ZigBee Gateway Firmware < 2.4.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-12437
HIGH
SilverStripe < 4.3.3 - Cross-Site Request Forgery in GraphQL Mutations
CVSS 8.8
CVE-2019-12246
MEDIUM
SilverStripe < 4.3.3 - Denial of Service via Flush and Development URL Tools
CVSS 4.3
CVE-2019-20100
MEDIUM
Atlassian Jira Server and Data Center - Cross-Site Request Forgery in Application Links Plugin
CVSS 4.7
CVE-2019-20099
MEDIUM
Atlassian Jira Server and Data Center 7.6.15-8.5.3 - Cross-Site Request Forgery in VerifyPopServerConnection
CVSS 4.3
CVE-2019-20098
MEDIUM
Atlassian Jira Server and Data Center 7.6.15-8.5.3 - Cross-Site Request Forgery in VerifySmtpServerConnection
CVSS 4.3
CVE-2019-19668
MEDIUM
Rumpus FTP 8.2.9.1 - Cross-Site Request Forgery in File Types Component
CVSS 4.3
Details
Vulnerabilities
9,376
Exploit Likelihood
Medium