CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,376 vulnerabilities with CWE-352
CVE-2019-17431
HIGH
fastadmin 1.0.0.20190705_beta - Cross-Site Request Forgery in Admin Add Endpoint
CVSS 8.8
CVE-2019-13529
HIGH
SMA Sunny WebBox Firmware < 1.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-17369
MEDIUM
OTCMS v3.85 - Cross-Site Request Forgery in Admin Panel Member Deal Page
CVSS 6.5
CVE-2019-17217
HIGH
V-Zug Combi-Steam MSLQ Firmware < ethernet_r07 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-1915
MEDIUM
Cisco Unified Communications Manager, Unified CM IM&P, and Unity Connection - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-15040
HIGH
JetBrains YouTrack < 2019.1 - Cross-Site Request Forgery on Settings Page
CVSS 8.8
CVE-2019-16993
HIGH
phpBB < 3.1.7-PL1 - Cross-Site Request Forgery in BBCode Administration Control Panel
CVSS 8.8
CVE-2019-13376
MEDIUM
phpBB 3.2.7 - Cross-Site Request Forgery in Remote Avatar Feature
CVSS 6.5
CVE-2019-16667
HIGH
pfSense 2.4.4-p3 - Cross-Site Request Forgery via diag_command.php
CVSS 8.8
CVE-2019-10408
MEDIUM
Jenkins Project Inheritance Plugin < 19.08.01 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-4515
MEDIUM
IBM Security Key Lifecycle Manager <3.0.1 - CSRF
CVSS 6.5
CVE-2019-16721
MEDIUM
NoneCMS v1.3 - Cross-Site Request Forgery in Admin User Deletion
CVSS 6.5
CVE-2019-16719
MEDIUM
WTCMS 1.0 - Cross-Site Request Forgery with Resultant Cross-Site Scripting via Admin Index Endpoint
CVSS 6.5
CVE-2019-16706
HIGH
kkcms v1.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-16678
MEDIUM
YzmCMS 5.3 - Cross-Site Request Forgery via URL Rule Addition
CVSS 6.5
CVE-2019-16677
MEDIUM
idreamsoft iCMS V7.0 - Cross-Site Request Forgery in admincp.php
CVSS 6.5
CVE-2019-16660
HIGH
joyplus-cms 1.6.0 - Cross-Site Request Forgery via admin_ajax.php
CVSS 8.8
CVE-2019-16659
HIGH
TuziCMS 2.0.6 - Cross-Site Request Forgery in Link Management
CVSS 8.8
CVE-2019-16658
HIGH
TuziCMS 2.0.6 - Cross-Site Request Forgery in Notice Management
CVSS 8.8
CVE-2019-15089
HIGH
PRiSE adAS 1.7.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-16531
HIGH
LayerBB < 1.1.4 - Cross-Site Request Forgery via Admin General Settings
CVSS 8.8
CVE-2019-16311
HIGH
niushop V1.11 - Cross-Site Request Forgery via search_info Parameter
CVSS 8.8
CVE-2019-13920
MEDIUM
SINEMA Remote Connect Server < V2.0 SP1 - CSRF
CVSS 4.3
CVE-2019-13364
CRITICAL
Piwigo 2.9.5 - Cross-Site Scripting and Cross-Site Request Forgery via Billing Parameters
CVSS 9.6
CVE-2019-13363
CRITICAL
Piwigo 2.9.5 - Cross-Site Scripting and Cross-Site Request Forgery via Notification by Mail Parameters
CVSS 9.6
Details
Vulnerabilities
9,376
Exploit Likelihood
Medium