CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,377 vulnerabilities with CWE-352
CVE-2019-12363
HIGH
mybb-2fa < 2014-11-05 - Cross-Site Request Forgery via usercp.php
CVSS 8.8
CVE-2019-10340
HIGH
Jenkins Docker Plugin < 1.1.6 - Cross-Site Request Forgery via Test Connection
CVSS 8.8
CVE-2019-12466
HIGH
MediaWiki < 1.32.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-13071
HIGH
CyberPower PowerPanel Business Edition 3.4.0 - Cross-Site Request Forgery in Agent/Center Component
CVSS 8.8
CVE-2019-12923
MEDIUM
MailEnable 6.0-<6.90 - Cross-Site Request Forgery via Anti-CSRF Token Removal
CVSS 6.5
CVE-2019-13401
HIGH
Fortinet FCM-MB40 1.2.0.0 - Cross-Site Request Forgery in cgi-bin Scripts
CVSS 8.8
CVE-2019-13183
HIGH
Flarum < 0.1.0-beta.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-13370
HIGH
ignitedcms < 2017-02-19 - Cross-Site Request Forgery in Admin Permissions
CVSS 8.8
CVE-2019-5984
HIGH
Custom CSS Pro < 1.0.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5983
HIGH
HTML5 Maps < 1.6.5.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5980
HIGH
Related YouTube Videos < 1.9.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5979
HIGH
Personalized WooCommerce Cart Page < 2.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5974
HIGH
Contest Gallery < 10.4.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5973
HIGH
Online Lesson Booking < 0.8.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5971
HIGH
attendance_manager <= 0.5.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5968
HIGH
GROWI < 3.4.6 - Cross-Site Request Forgery via User Basic Info Update
CVSS 8.8
CVE-2019-5963
HIGH
Zoho SalesIQ < 1.0.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5960
HIGH
WP Open Graph < 1.6.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-6636
HIGH
BIG-IP AFM and ASM 12.0.0-12.1.4 - Stored Cross-Site Scripting in AFM Feed List
CVSS 8.4
CVE-2019-12851
HIGH
JetBrains YouTrack < 2018.4.49852 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-5630
MEDIUM
Rapid7 Nexpose 6.5.0-6.5.68 - Cross-Site Request Forgery via Flash Pre-Flight Bypass
CVSS 5.9
CVE-2019-7262
HIGH
Linear eMerge Essential and Elite Firmware < 1.00-06 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-7270
HIGH
Linear eMerge 50P/5000P Firmware < 4.6.07 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-13056
HIGH
CyberPanel < 1.8.4 - Cross-Site Request Forgery on User Edit Page
CVSS 8.8
CVE-2019-7273
HIGH
Optergy Enterprise and Proton < 2.3.0a - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,377
Exploit Likelihood
Medium