CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,379 vulnerabilities with CWE-352
CVE-2018-6504
HIGH
ArcSight Management Center < 2.81 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-13398
MEDIUM
Atlassian Crucible and Fisheye < 4.5.4 - Cross-Site Request Forgery in Administrative Smart-Commits Resource
CVSS 6.5
CVE-2018-16952
HIGH
Oracle WebCenter Interaction Portal 10.3.3 - CSRF
CVSS 8.8
CVE-2018-17104
HIGH
Microweber 1.0.7 - Cross-Site Request Forgery via Admin User Creation
CVSS 8.8
CVE-2018-17103
HIGH
GetSimple CMS v3.3.13 - Cross-Site Request Forgery via admin/settings.php
CVSS 8.8
CVE-2018-17102
HIGH
QuickAppsCMS through 2.0.0-beta2 - Cross-Site Request Forgery via User Password Change
CVSS 8.8
CVE-2018-17070
MEDIUM
UNL-CMS 7.59 - CSRF
CVSS 6.5
CVE-2018-17069
MEDIUM
UNL-CMS 7.59 - CSRF
CVSS 6.5
CVE-2018-17045
HIGH
CMS MaeloStore 1.5.0 - Cross-Site Request Forgery via Admin Password Update
CVSS 8.8
CVE-2018-17023
HIGH
ASUS GT-AC5300 <3.0.0.4.384_32738 - CSRF
CVSS 8.8
CVE-2018-16951
HIGH
xunfeng 0.2.0 - Cross-Site Request Forgery via Backquote Character Mishandling
CVSS 8.0
CVE-2018-16832
MEDIUM
xunfeng 0.2.0 - Cross-Site Request Forgery via X-Forwarded-Host Header Overwrite
CVSS 6.5
CVE-2018-16732
HIGH
CScms 4.1 - Cross-Site Request Forgery via FTP Settings Save
CVSS 8.8
CVE-2018-0647
HIGH
ASUS WL-330NUL Firmware < 3.0.0.46 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-16650
HIGH
phpmyfaq < 2.9.11 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-1000669
HIGH
Koha Library System <17.05.05 - CSRF
CVSS 8.8
CVE-2018-16552
HIGH
MicroPyramid Django-CRM 0.2 - Cross-Site Request Forgery in User and Account Management
CVSS 8.8
CVE-2018-15682
HIGH
BTITeam XBTIT < 2.5.4 - Cross-Site Request Forgery via Private Message Form
CVSS 8.8
CVE-2018-15677
MEDIUM
BTITeam XBTIT 2.5.4 - Stored Cross-Site Scripting and Cross-Site Request Forgery via Newsfeed Title
CVSS 6.1
CVE-2018-14769
HIGH
VIVOTEK FD8177 <XXXXXX-VVTK-xx06a - CSRF
CVSS 8.8
CVE-2018-16458
MEDIUM
baigo CMS v2.1.1 - Cross-Site Request Forgery via Article Publication Endpoint
CVSS 6.5
CVE-2018-16449
MEDIUM
OneThink 1.1.141212 - Cross-Site Request Forgery via Admin Endpoints
CVSS 6.5
CVE-2018-16448
HIGH
cscms 4 - Cross-Site Request Forgery via Admin User Management Endpoints
CVSS 8.8
CVE-2018-16447
HIGH
Frogcms - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-16431
HIGH
YFCMF v3.0 - Cross-Site Request Forgery in Admin Account Creation
CVSS 8.8
Details
Vulnerabilities
9,379
Exploit Likelihood
Medium