CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,380 vulnerabilities with CWE-352
CVE-2018-11500
HIGH
PublicCMS V4.0.20180210 - Cross-Site Request Forgery in Admin User Save Endpoint
CVSS 8.8
CVE-2018-11493
HIGH
Wuzhicms - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-11445
HIGH
EasyService Billing 1.0 - Cross-Site Request Forgery on User Add Page
CVSS 8.8
CVE-2018-11442
HIGH
EasyService Billing 1.0 - Cross-Site Request Forgery via Quotation Creation
CVSS 8.8
CVE-2018-11405
HIGH
Kliqqi Cms - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-11371
HIGH
SkyCaiji 1.2 - Cross-Site Request Forgery to Add Administrator
CVSS 8.8
CVE-2018-11096
MEDIUM
Horse Market Sell & Rent Portal Script 1.5.7 - Cross-Site Request Forgery
CVSS 6.5
CVE-2018-11092
MEDIUM
Admin Notes 1.1 - Cross-Site Request Forgery via Clear Table Action
CVSS 6.5
CVE-2018-1434
HIGH
IBM SAN Volume Controller and Storwize 6.1.0.0-7.5.0.14 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-0270
HIGH
Cisco IoT Field Network Director - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-11127
MEDIUM
e107 2.1.7 - Cross-Site Request Forgery resulting in Arbitrary User Deletion
CVSS 6.5
CVE-2018-11126
HIGH
doorGets 7.0 - Cross-Site Request Forgery via User Add Controller
CVSS 8.8
CVE-2018-11018
HIGH
PbootCMS 1.0.7 - Cross-Site Request Forgery in Role Controller
CVSS 8.8
CVE-2018-11004
HIGH
SDcms 1.5 - Cross-Site Request Forgery in Admin Controller
CVSS 8.8
CVE-2018-11003
MEDIUM
YXcms 1.4.7 - Cross-Site Request Forgery via adminController.php
CVSS 6.5
CVE-2018-6458
HIGH
Easy Hosting Control Panel 0.37.12.b - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-6023
HIGH
Fastweb FASTgate 0.00.47 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-10803
MEDIUM
ManageEngine NetFlow Analyzer 12.3-12.3.125 - Stored Cross-Site Scripting via Credential Description
CVSS 6.1
CVE-2018-10957
HIGH
D-Link DIR-868L Firmware - Cross-Site Request Forgery via hedwig.cgi and pigwidgeon.cgi
CVSS 8.8
CVE-2018-10806
MEDIUM
Frogcms - Cross-Site Request Forgery
CVSS 5.4
CVE-2018-10758
MEDIUM
Datenstrom Yellow 0.7.3 - Cross-Site Request Forgery via Edit URI Delete Action
CVSS 6.5
CVE-2018-10166
HIGH
TP-Link EAP/Omada Controller <2.6.0 - CSRF
CVSS 8.8
CVE-2018-10554
MEDIUM
Nagios XI 5.4.13 - Cross-Site Scripting via CSRF
CVSS 5.4
CVE-2018-10503
HIGH
baijiacms V4 <v4_1_4_20170105 - CSRF
CVSS 8.8
CVE-2018-1479
HIGH
IBM BigFix Platform 9.2-9.5 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,380
Exploit Likelihood
Medium