CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,378 vulnerabilities with CWE-352
CVE-2019-9625
HIGH
DirectAdmin 1.55 - Cross-Site Request Forgery via CMD_ACCOUNT_ADMIN URI
CVSS 8.8
CVE-2019-9603
MEDIUM
MiniCMS 1.10 - Cross-Site Request Forgery via Article Deletion
CVSS 6.5
CVE-2019-6561
HIGH
Moxa IKS-G6824A Firmware < 4.5 and EDS Firmware < 3.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-9549
HIGH
PopojiCMS v2.0.1 - Cross-Site Request Forgery via User Addition Endpoint
CVSS 8.8
CVE-2019-9182
HIGH
ZZZCMS zzzphp V1.6.1 - Cross-Site Request Forgery via admin015/save.php
CVSS 8.8
CVE-2019-9062
HIGH
PHP Scripts Mall Online Food Ordering Script 1.0 - Cross-Site Request Forgery in my-account.php
CVSS 8.0
CVE-2019-9052
MEDIUM
Pluck 4.7.9-dev1 - Cross-Site Request Forgery via Image Deletion Endpoint
CVSS 6.5
CVE-2019-9051
MEDIUM
Pluck 4.7.9-dev1 - Cross-Site Request Forgery via Article Deletion Endpoint
CVSS 6.5
CVE-2019-9049
MEDIUM
Pluck 4.7.9-dev1 - Cross-Site Request Forgery via Module Delete URI
CVSS 6.5
CVE-2019-9048
MEDIUM
Pluck 4.7.9-dev1 - Cross-Site Request Forgery via Theme Delete URI
CVSS 6.5
CVE-2019-9040
HIGH
S-CMS PHP v3.0 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2019-8910
HIGH
WTCMS 1.0 - Cross-Site Request Forgery via Site Settings Endpoint
CVSS 8.8
CVE-2019-8902
MEDIUM
idreamsoft iCMS < 7.0.14 - Cross-Site Request Forgery via public/api.php?app=user URI
CVSS 5.7
CVE-2019-0267
HIGH
SAP Manufacturing Integration and Intelligence 15.0-15.2 - Cross-Site Request Forgery in Illuminator Servlet
CVSS 8.8
CVE-2019-8347
HIGH
BEESCMS 4.0 - Cross-Site Request Forgery via Admin Member Addition
CVSS 8.8
CVE-2019-7738
MEDIUM
C.P.Sub < 5.3 - Cross-Site Request Forgery via manage.php Article Deletion
CVSS 6.5
CVE-2019-7737
HIGH
Verydows 2.0 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2019-7730
MEDIUM
MyWebSQL 3.7 - Cross-Site Request Forgery via Database Deletion URI
CVSS 5.7
CVE-2019-7570
MEDIUM
PbootCMS 1.3.6 - Cross-Site Request Forgery via User Deletion Endpoint
CVSS 6.5
CVE-2019-7569
HIGH
doyo 2.3 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2019-7566
HIGH
CSZ CMS 1.1.8 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2019-1003022
MEDIUM
Jenkins Monitoring Plugin <1.74.0 - DoS
CVSS 6.5
CVE-2019-1003017
MEDIUM
Jenkins Job Import Plugin <3.0 - Privilege Escalation
CVSS 5.3
CVE-2019-1003016
HIGH
Jenkins Job Import Plugin <2.1 - Info Disclosure
CVSS 8.8
CVE-2019-1003012
MEDIUM
Jenkins Blue Ocean Plugins <1.10.1 - RCE
CVSS 6.5
Details
Vulnerabilities
9,378
Exploit Likelihood
Medium