CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,379 vulnerabilities with CWE-352
CVE-2018-15539
HIGH
Agentejo Cockpit - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-18317
HIGH
DESHANG DSCMS 1.1 - Cross-Site Request Forgery via Admin Add URI
CVSS 8.8
CVE-2018-18316
HIGH
emlog v6.0.0 - Cross-Site Request Forgery via admin/user.php?action=new URI
CVSS 8.8
CVE-2018-18215
HIGH
youke365 v1.1.5 - Cross-Site Request Forgery in Admin User Management
CVSS 8.8
CVE-2018-12456
HIGH
Intelbras NPLUG 1.0.0.14 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-13800
HIGH
SIMATIC S7-1200 CPU V4 < 4.2.3 - Authenticated Cross-Site Request Forgery
CVSS 7.3
CVE-2018-18201
HIGH
qibosoft V7.0 - Cross-Site Request Forgery via admin/index.php?lfj=member&action=addmember
CVSS 8.8
CVE-2018-17858
HIGH
Joomla! < 3.8.13 - Cross-Site Request Forgery in com_installer
CVSS 8.8
CVE-2018-18191
HIGH
FineCMS 5.4 - Cross-Site Request Forgery in Admin Password Change
CVSS 8.8
CVE-2018-2474
MEDIUM
SAP Fiori 1.0 for SAP ERP HCM - Cross-Site Request Forgery in Approve Leave Request App
CVSS 6.5
CVE-2018-15401
MEDIUM
Cisco Hosted Collaboration Mediation Fulfillment - Cross-Site Request Forgery
CVSS 6.5
CVE-2018-0451
HIGH
Cisco Tetration Analytics - Authenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2018-0446
HIGH
Cisco Industrial Network Director - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-0445
HIGH
Cisco Packaged Contact Center Enterprise - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-0444
MEDIUM
Cisco Packaged Contact Center Enterprise - Stored Cross-Site Scripting via Web Management Interface
CVSS 6.1
CVE-2018-0439
HIGH
Cisco Meeting Server - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-17986
HIGH
razorcms 3.4.8 - Cross-Site Request Forgery for Admin Password Change
CVSS 8.8
CVE-2018-5921
HIGH
HP Printer and MFP Firmware < 2405129_000052 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-17869
HIGH
DASAN H660GW - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-15702
HIGH
TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 - Cross-Site Request Forgery via Referer Field
CVSS 8.8
CVE-2018-17826
HIGH
HisiPHP 1.0.8 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2018-17081
MEDIUM
e107 2.1.9 - Cross-Site Request Forgery
CVSS 4.3
CVE-2018-8844
HIGH
Philips e-Alert Unit <R2.1 - Info Disclosure
CVSS 8.8
CVE-2018-17366
HIGH
MCMS 4.6.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-15612
HIGH
Avaya Aura Orchestration Designer < 7.2.1 - Cross-Site Request Forgery in Runtime Config
CVSS 8.3
Details
Vulnerabilities
9,379
Exploit Likelihood
Medium