CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,377 vulnerabilities with CWE-352
CVE-2019-13516
HIGH
OSIsoft PI Web API < 2018 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-15062
HIGH
Dolibarr 11.0.0-alpha - Cross-Site Request Forgery via Linked Files Settings Page
CVSS 8.0
CVE-2019-14526
HIGH
NETGEAR Nighthawk M1 (MR1100) < 12.06.03 - Cross-Site Request Forgery via JavaScript Token Embedding
CVSS 8.1
CVE-2019-14216
HIGH
WP SVG Icons < 3.2.1 - Cross-Site Request Forgery via Custom Icon Upload
CVSS 8.8
CVE-2019-10199
HIGH
Keycloak < 6.0.1 - Cross-Site Request Forgery via Inadequate Header Checks
CVSS 8.8
CVE-2019-11207
HIGH
TIBCO LogLogic Enterprise Virtual Appliance and Log Management Intelligence < 6.2.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-14933
HIGH
Bagisto < 0.1.5 - Cross-Site Request Forgery in Admin URIs
CVSS 8.8
CVE-2019-14683
MEDIUM
Import users from CSV with meta < 1.14.2.2 - Cross-Site Request Forgery via admin-ajax.php
CVSS 5.7
CVE-2019-14682
MEDIUM
ACF: Better Search < 3.3.1 - Cross-Site Request Forgery via Admin Page
CVSS 4.3
CVE-2019-14681
HIGH
deny_all_firewall < 1.1.7 - Cross-Site Request Forgery via Settings Removal
CVSS 8.8
CVE-2019-14680
MEDIUM
Admin Renamer Extended 3.2.1 - Cross-Site Request Forgery via Plugin Page
CVSS 5.7
CVE-2019-14679
MEDIUM
ARPrice Lite 2.2 - Cross-Site Request Forgery in Import/Export Page
CVSS 6.5
CVE-2019-1958
HIGH
Cisco HyperFlex HX Data Platform < 4.0(2a) - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-10388
MEDIUM
Jenkins Relution Enterprise Appstore Publisher < 1.24 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-10386
HIGH
Jenkins XL TestView Plugin < 1.2.0 - Cross-Site Request Forgery via Test Connection Endpoint
CVSS 8.8
CVE-2019-10368
HIGH
Jenkins JClouds Plugin < 2.14 - Cross-Site Request Forgery via Test Connection Endpoint
CVSS 8.8
CVE-2019-14703
HIGH
MicroDigital N-series <6400.0.8.5 - CSRF
CVSS 8.8
CVE-2019-14346
HIGH
Schben Adive 2.0.7 - Cross-Site Request Forgery in Admin Config
CVSS 8.8
CVE-2019-14551
CRITICAL
das_q_software < 3.2.5 - Unauthenticated Remote Code Execution via CSRF
CVSS 9.8
CVE-2019-7947
MEDIUM
Magento Open Source <1.9.4.2 - Magento Commerce <1.14.4.2 - Magento...
CVSS 6.5
CVE-2019-7874
MEDIUM
Magento 2.1.0-2.1.17, 2.2.0-2.2.8, 2.3.0-2.3.1 - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-7873
MEDIUM
Magento 2.1.0-2.1.17 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-7865
HIGH
Magento 2.1-2.1.17 - Cross-Site Request Forgery in Checkout Cart Item
CVSS 8.8
CVE-2019-7857
MEDIUM
Magento 2.1.0-2.1.17, 2.2.0-2.2.8 - Cross-Site Request Forgery via Insufficient Anti-CSRF Token
CVSS 4.3
CVE-2019-7851
MEDIUM
Magento 2.1.0-2.1.17 - Cross-Site Request Forgery
CVSS 6.5
Details
Vulnerabilities
9,377
Exploit Likelihood
Medium