CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,378 vulnerabilities with CWE-352
CVE-2019-1003010
MEDIUM
Jenkins Git Plugin < 3.9.1 - Cross-Site Request Forgery in GitTagAction
CVSS 4.3
CVE-2019-1003008
HIGH
Jenkins Warnings Next Gen <2.1.1 - CSRF
CVSS 8.8
CVE-2019-1003007
HIGH
Jenkins Warnings Plugin <5.0.0 - CSRF
CVSS 8.8
CVE-2019-7402
MEDIUM
PHPMyWind 5.5 - Cross-Site Scripting in GetQQ Function via cfg_qqcode Parameter
CVSS 6.1
CVE-2019-1000022
HIGH
taoensso/sente < 1.14.0 - Cross-Site Request Forgery via WebSocket Handshake Endpoint
CVSS 8.8
CVE-2019-1000003
HIGH
MapSVG Lite 3.2.3 - Cross-Site Request Forgery via mapsvg_save REST Endpoint
CVSS 8.8
CVE-2019-7346
HIGH
ZoneMinder <= 1.32.3 - Cross-Site Request Forgery via Failed Request Retry
CVSS 8.8
CVE-2019-3604
MEDIUM
McAfee ePO (legacy) Cloud - Cross-Site Request Forgery
CVSS 4.8
CVE-2019-6779
HIGH
cscms 4.1.8 - Cross-Site Request Forgery via Admin Links Save Endpoint
CVSS 8.1
CVE-2019-1658
MEDIUM
Cisco Unified Intelligence Center - Cross-Site Request Forgery
CVSS 4.7
CVE-2019-6510
HIGH
creditease-sec insight < 2018-09-11 - Cross-Site Request Forgery in user_delete
CVSS 8.8
CVE-2019-6509
HIGH
creditease-sec insight < 2018-09-11 - Cross-Site Request Forgery in depart_delete
CVSS 8.8
CVE-2019-6508
HIGH
creditease-sec insight < 2018-09-11 - Cross-Site Request Forgery in role_perm_delete
CVSS 8.8
CVE-2019-6507
HIGH
creditease-sec insight < 2018-09-11 - Cross-Site Request Forgery in login_user_delete
CVSS 8.8
CVE-2019-6294
HIGH
EasyCMS 1.5 - Cross-Site Request Forgery via Article Insertion Endpoint
CVSS 8.8
CVE-2019-6249
HIGH
HuCart 5.7.4 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2019-6244
HIGH
UsualToolCMS 8.0 - Cross-Site Request Forgery via a_sqlbackx.php
CVSS 8.8
CVE-2018-25435
MEDIUM
ZeusCart 4.0 - Cross-Site Request Forgery via regstatus Endpoint
CVSS 5.3
CVE-2018-25397
MEDIUM
PHP-SHOP 1.0 Cross-Site Request Forgery via users.php
CVSS 5.3
CVE-2018-25387
MEDIUM
HaPe PKH 1.1 Cross-Site Request Forgery via aksi_user.php
CVSS 5.3
CVE-2018-25370
MEDIUM
Admidio 3.3.5 Cross-Site Request Forgery via roles_function.php
CVSS 5.3
CVE-2018-25363
MEDIUM
Twitter-Clone 1 Cross-Site Request Forgery via tweetdel.php
CVSS 4.3
CVE-2018-25354
MEDIUM
Joomla Component jomres 9.11.2 Cross-Site Request Forgery
CVSS 4.3
CVE-2018-25343
MEDIUM
Smartshop 1 Cross-Site Request Forgery via editprofile.php
CVSS 4.3
CVE-2018-25337
MEDIUM
Joomla JoomOCShop 1.0 Cross-Site Request Forgery
CVSS 4.3
Details
Vulnerabilities
9,378
Exploit Likelihood
Medium