CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,379 vulnerabilities with CWE-352
CVE-2018-10884
HIGH
Ansible Tower 3.1.0-3.1.8 - Cross-Site Request Forgery in awx/api/authentication.py
CVSS 8.8
CVE-2018-15569
MEDIUM
my_little_forum 2.4.12 - Cross-Site Request Forgery for User Deletion
CVSS 6.5
CVE-2018-15568
HIGH
tp5cms < 2017-05-25 - Cross-Site Request Forgery via admin.php/category/delete.html
CVSS 8.8
CVE-2018-15565
HIGH
simple-cms < 2014-03-11 - Unauthenticated Cross-Site Request Forgery via admin/addpage.php
CVSS 8.8
CVE-2018-15564
HIGH
simple-cms < 2014-03-11 - Cross-Site Request Forgery via admin/?delpage Parameter
CVSS 8.8
CVE-2018-14057
HIGH
pimcore < 5.3.0 - Cross-Site Request Forgery via Missing CSRF Token Validation
CVSS 8.8
CVE-2018-1712
HIGH
IBM API Connect 5.0.0.0-5.0.8.3 - Server-Side Request Forgery
CVSS 8.6
CVE-2018-1455
MEDIUM
IBM Tivoli Application Dependency Discovery Manager <7.3 - CSRF
CVSS 4.3
CVE-2018-13394
MEDIUM
Atlassian Questions for Confluence < 2.6.6 - Cross-Site Request Forgery via acceptAnswer Resource
CVSS 6.5
CVE-2018-13393
MEDIUM
Atlassian Questions for Confluence < 2.6.6 - Cross-Site Request Forgery via convertCommentToAnswer
CVSS 6.5
CVE-2018-2442
HIGH
SAP BusinessObjects Business Intelligence 4.0-4.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-7097
HIGH
HP 3PAR Service Provider < SP-4.4.0.GA-110(MU7) - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-14783
HIGH
NetComm Wireless G LTE Light Industrial M2M Router - CSRF
CVSS 8.8
CVE-2018-15187
HIGH
PHP Scripts Mall advanced-real-estate-script 4.0.9 - CSRF
CVSS 8.0
CVE-2018-15186
HIGH
PHP Scripts Mall Chartered Accountant - Auditor Website 2.0.1 - CSRF
CVSS 8.8
CVE-2018-15203
MEDIUM
ignitedcms < 2017-02-19 - Cross-Site Request Forgery via Page Addition
CVSS 6.5
CVE-2018-15202
MEDIUM
Juunan06 eCommerce <2018-08-05 - CSRF
CVSS 6.3
CVE-2018-15198
HIGH
OneThink 1.1 - Cross-Site Request Forgery in User Add Endpoint
CVSS 8.8
CVE-2018-15197
HIGH
OneThink 1.1 - Cross-Site Request Forgery in Admin Group Assignment
CVSS 8.8
CVE-2018-15193
HIGH
Gogs through 0.11.53 - Cross-Site Request Forgery in Admin Panel
CVSS 8.8
CVE-2018-15177
HIGH
Gxlcms 2.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-7060
HIGH
Aruba ClearPass 6.6.0-6.6.8 and 6.7.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-14978
HIGH
QCMS 3.0.1 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2018-14966
HIGH
EMLsoft 5.4.5 - Cross-Site Request Forgery via User Addition
CVSS 8.8
CVE-2018-14965
HIGH
EMLsoft 5.4.5 - Cross-Site Request Forgery via eml/upload/eml/ Endpoint
CVSS 8.8
Details
Vulnerabilities
9,379
Exploit Likelihood
Medium