CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,379 vulnerabilities with CWE-352
CVE-2018-14963
HIGH
zzcms 8.3 - Cross-Site Request Forgery via admin/adminadd.php
CVSS 8.8
CVE-2018-14960
HIGH
Xiao5uCompany 1.7 - Cross-Site Request Forgery via admin/Admin.asp
CVSS 8.8
CVE-2018-14959
HIGH
WeaselCMS 0.3.5 - Cross-Site Request Forgery via Page Creation
CVSS 8.8
CVE-2018-14958
HIGH
WeaselCMS 0.3.5 - Cross-Site Request Forgery via index.php
CVSS 8.8
CVE-2018-14926
HIGH
Matera Banco 1.0.0 - Cross-Site Request Forgery via messageSendHandler.jsp
CVSS 8.8
CVE-2018-14910
HIGH
SeaCMS v6.61 - Remote Code Execution via IP Address Field
CVSS 8.8
CVE-2018-14908
HIGH
Samsung Syncthru Web Service V4.05.61 - CSRF
CVSS 8.8
CVE-2018-0413
HIGH
Cisco Identity Services Engine Software - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-1999027
HIGH
Jenkins SaltStack Plugin <3.1.6 - Info Disclosure
CVSS 7.5
CVE-2018-14603
HIGH
GitLab <10.8.7, <11.0.5, <11.1.2 - CSRF
CVSS 8.8
CVE-2018-14583
HIGH
xyhcms 3.5 - Cross-Site Request Forgery via Auth/addUser Endpoint
CVSS 8.8
CVE-2018-14582
HIGH
BageCMS V3.1.3 - Cross-Site Request Forgery via Admin Account Creation
CVSS 8.8
CVE-2018-14421
HIGH
SeaCMS v6.61 - Remote Code Execution via Movie Picture Address
CVSS 8.8
CVE-2018-14420
HIGH
Metinfo 6.0.0 - Cross-Site Request Forgery via doaddsave Action
CVSS 8.8
CVE-2018-0402
HIGH
Cisco Unified Contact Center Express - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-14331
HIGH
XiaoCms X1 v20140305 - Cross-Site Request Forgery via Password Change
CVSS 8.8
CVE-2018-14069
HIGH
SRCMS V2.3.1 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2018-14068
HIGH
SRCMS 2.3.1 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2018-1000206
HIGH
JFrog Artifactory 5.11.0-6.0.x - Cross-Site Request Forgery via Flash Component
CVSS 8.8
CVE-2018-14029
HIGH
wityCMS 0.6.2 - Cross-Site Request Forgery in Admin User Edit
CVSS 8.8
CVE-2018-14014
HIGH
waimai Super Cms 20150505 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2018-12540
HIGH
Eclipse Vert.x 3.0.0-3.5.2 - Cross-Site Request Forgery via XSRF Token Replay
CVSS 8.8
CVE-2018-10895
CRITICAL
qutebrowser < 1.4.1 - Cross-Site Request Forgery via qute:// URL Scheme
CVSS 9.3
CVE-2018-10232
MEDIUM
TOPdesk < 8.05.017 - Cross-Site Request Forgery
CVSS 6.5
CVE-2018-13989
HIGH
Grundig Smart Inter@ctive TV 3.0 - Cross-Site Request Forgery via TCP Port 8085
CVSS 8.8
Details
Vulnerabilities
9,379
Exploit Likelihood
Medium