CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,380 vulnerabilities with CWE-352
CVE-2018-12659
HIGH
SLiMS 8 Akasia 8.3.1 - Cross-Site Request Forgery via Omitted csrf_token Parameter
CVSS 8.8
CVE-2018-0365
HIGH
Cisco Secure Firewall Management Center - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-0364
HIGH
Cisco Unified Communications Domain Manager - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-0363
HIGH
Cisco Unified Communications Manager IM & Presence Service - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-6563
HIGH
totemo encryption_gateway < 6.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-12583
MEDIUM
AKCMS 6.1 - Cross-Site Request Forgery via admincp deleteitem Action
CVSS 6.5
CVE-2018-12582
HIGH
AKCMS 6.1 - Cross-Site Request Forgery via Admin Account Creation
CVSS 8.8
CVE-2018-6497
HIGH
Micro Focus CMS Server 2018.05 & Universal CMDB Server 10.20-10.33 - Unsafe Deserialization & CSRF
CVSS 8.8
CVE-2018-6496
HIGH
Micro Focus Universal CMDB Browser 4.10-4.15.1 - Unsafe Deserialization and Cross-Site Request Forgery
CVSS 8.8
CVE-2018-12114
HIGH
Maccms 10 - Cross-Site Request Forgery via Admin Account Creation
CVSS 8.8
CVE-2018-12354
HIGH
Knowage 6.1.1 - Cross-Site Request Forgery via Form Submission
CVSS 8.8
CVE-2018-11406
HIGH
Symfony Security 2.7.0-2.7.47 - Cross-Site Request Forgery Token Fixation via Session Invalidation Bypass
CVSS 8.8
CVE-2018-8925
HIGH
Synology Photo Station < 6.3-2975 - Cross-Site Request Forgery via admin/user.php Parameters
CVSS 8.8
CVE-2018-1514
MEDIUM
IBM Robotic Process Automation with Automation Anywhere 10.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2018-1000195
MEDIUM
Jenkins < 2.120 and LTS < 2.107.2 - Server-Side Request Forgery via ZipExtractionInstaller
CVSS 4.3
CVE-2018-1432
MEDIUM
IBM InfoSphere Information Server <11.7 - XSS
CVSS 6.1
CVE-2018-11680
MEDIUM
CmsEasy 6.1_20180508 - Cross-Site Request Forgery via Rich Text Editor IFRAME Injection
CVSS 6.5
CVE-2018-11679
HIGH
CmsEasy 6.1_20180508 - Cross-Site Request Forgery via Article Addition
CVSS 8.8
CVE-2018-11538
HIGH
Searchblox - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-11671
HIGH
GreenCMS v2.3.0603 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2018-11670
HIGH
GreenCMS v2.3.0603 - Cross-Site Request Forgery via Media File Connect
CVSS 8.8
CVE-2018-11633
MEDIUM
Woo Checkout for Digital Goods 2.1 - Cross-Site Request Forgery in Admin Settings
CVSS 6.5
CVE-2018-11632
MEDIUM
Add Social Share Messenger Buttons Whatsapp and Viber 1.0.8 - Cross-Site Request Forgery via Admin-Post Handler
CVSS 6.5
CVE-2018-11527
HIGH
CScms v4.1 - Cross-Site Request Forgery in Password Change Endpoint
CVSS 8.8
CVE-2018-11501
HIGH
Website Seller Script 2.0.3 - Cross-Site Request Forgery via user_submit.php
CVSS 8.8
Details
Vulnerabilities
9,380
Exploit Likelihood
Medium