CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,378 vulnerabilities with CWE-352
CVE-2018-19948
LOW
QNAP Helpdesk < 3.0.3 - Cross-Site Request Forgery
CVSS 2.0
CVE-2018-21096
HIGH
NETGEAR WAC120/WAC505/WAC510/WNAP320/WNAP210/WNDAP350/WNDAP360/WNDAP660/WNDAP620/WND930/WN604 - CSRF
CVSS 7.4
CVE-2018-21160
HIGH
NETGEAR ReadyNAS OS 6.0-6.9.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-21102
HIGH
NETGEAR ReadyNAS OS Firmware < 6.9.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-21120
HIGH
NETGEAR Wireless Access Points - Cross-Site Request Forgery
CVSS 8.0
CVE-2018-21037
HIGH
Subrion < 4.1.5 and 4.2.x < 4.2.1 - Cross-Site Request Forgery via Administrator Password Change
CVSS 8.8
CVE-2018-1934
HIGH
IBM Cognos Business Intelligence 10.2.2 - CSRF
CVSS 8.8
CVE-2018-20582
HIGH
gree+ 1.4.0.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-17789
MEDIUM
Prospecta Master Data Online - Cross-Site Request Forgery
CVSS 6.5
CVE-2018-21006
HIGH
bbpress_move_topics < 1.1.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-21002
HIGH
js_help_desk < 2.0.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-20974
HIGH
js_job_manager < 1.0.7 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-20972
HIGH
companion_auto_update < 3.2.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-20971
HIGH
church_admin < 1.2550 - Cross-Site Request Forgery via Bible Reading Plan Upload
CVSS 8.8
CVE-2018-14668
HIGH
ClickHouse < 1.1.54388 - Cross-Site Request Forgery via Remote Table Function
CVSS 8.8
CVE-2018-20968
HIGH
wp-ultimate-exporter < 1.4.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-20967
HIGH
wp-ultimate-csv-importer < 5.6.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-20964
HIGH
Contact Form Email < 1.2.66 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-10899
HIGH
Jolokia 1.2-1.6.0 - Cross-Site Request Forgery
CVSS 8.1
CVE-2018-20872
MEDIUM
DrayTek Firmware < 2018-05-23 - Cross-Site Request Forgery
CVSS 6.5
CVE-2018-17792
HIGH
MDaemon Webmail - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-12628
HIGH
Eventum < 3.5.0 - Cross-Site Request Forgery in User Management
CVSS 8.8
CVE-2018-10986
HIGH
OX Guard 2.8.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-11427
HIGH
Moxa OnCell G3100-HSPA Series < 1.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-20848
HIGH
Advisto PEEL SHOPPING 9.0.0 - Cross-Site Request Forgery via couleurId Parameter
CVSS 8.8
Details
Vulnerabilities
9,378
Exploit Likelihood
Medium