CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,377 vulnerabilities with CWE-352
CVE-2019-10847
HIGH
Computrols CBAS < 19.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-12253
MEDIUM
my little forum < 2.4.20 - Cross-Site Request Forgery via Post Deletion
CVSS 6.5
CVE-2019-12239
HIGH
WP Booking System < 1.5.2 - Cross-Site Request Forgery
CVSS 7.2
CVE-2019-11886
HIGH
WaspThemes Visual CSS Style Editor <7.2.1 - CSRF
CVSS 8.8
CVE-2019-7746
HIGH
JioFi 4 jmr1140 Amtel_JMR1140_R12.07 - Info Disclosure
CVSS 8.1
CVE-2019-11569
HIGH
Veeam ONE Reporter <9.5.0.3201 - CSRF
CVSS 8.8
CVE-2019-5431
MEDIUM
Twitter Kit for iOS <3.4.0 - Callback Verification Flaw
CVSS 5.4
CVE-2019-5430
HIGH
UniFi Video < 3.10.0 - Cross-Site Request Forgery via Web API
CVSS 8.8
CVE-2019-1857
MEDIUM
Cisco HyperFlex HX-Series - Unauthenticated Cross-Site Request Forgery
CVSS 6.1
CVE-2019-1713
HIGH
Cisco Adaptive Security Appliance Software < 9.4.4.34 and 9.5-9.6.4.25 - Cross-Site Request Forgery
CVSS 8.1
CVE-2019-11617
HIGH
doorgets_cms 7.0 - Cross-Site Request Forgery in User Configuration Request
CVSS 8.8
CVE-2019-11193
MEDIUM
DirectAdmin < 1.561 - Cross-Site Scripting via FileManager CMD_FILE_MANAGER Parameter
CVSS 6.1
CVE-2019-10315
HIGH
Jenkins GitHub Authentication Plugin < 0.31 - Cross-Site Request Forgery via OAuth State Parameter
CVSS 8.8
CVE-2019-10310
HIGH
Jenkins Ansible Tower Plugin < 0.9.1 - Cross-Site Request Forgery via TowerInstallation Connection Test
CVSS 8.8
CVE-2019-10307
MEDIUM
Jenkins Static Analysis Utilities Plugin < 1.95 - Cross-Site Request Forgery via DefaultGraphConfigurationView#doSave
CVSS 6.5
CVE-2019-11591
HIGH
WebDorado Contact Form <1.13.5 - CSRF
CVSS 8.8
CVE-2019-11590
HIGH
10Web Form Maker < 1.13.5 - Cross-Site Request Forgery and Local File Inclusion via Admin-Ajax Action Parameter
CVSS 8.8
CVE-2019-11557
HIGH
WebDorado Contact Form Builder <1.0.69 - CSRF
CVSS 8.8
CVE-2019-8991
HIGH
TIBCO ActiveMatrix BPM <= 4.2.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-11203
MEDIUM
TIBCO ActiveMatrix BPM and Silver Fabric Enabler <= 4.2.0 - Cross-Site Request Forgery
CVSS 6.1
CVE-2019-11456
HIGH
Gila CMS 1.10.1 - Cross-Site Request Forgery via fm/save Endpoint
CVSS 8.8
CVE-2019-11416
HIGH
Intelbras IWR 3000N 1.5.0 - Cross-Site Request Forgery via v1/system/user
CVSS 8.8
CVE-2019-11375
MEDIUM
Msvod v10 - Cross-Site Request Forgery via admin/member/edit.html
CVSS 6.5
CVE-2019-11374
HIGH
74cms 5.0.1 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2019-3718
HIGH
Dell SupportAssist < 3.2.0.90 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,377
Exploit Likelihood
Medium