CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,380 vulnerabilities with CWE-352
CVE-2018-9923
HIGH
icms < 7.0.7 - Cross-Site Request Forgery via admincp.php Article Save
CVSS 8.8
CVE-2018-9856
HIGH
Kotti < 1.3.2 and 2.x < 2.0.0b2 - Cross-Site Request Forgery via Local Roles Implementation
CVSS 8.8
CVE-2018-1000153
HIGH
Jenkins vSphere Plugin <2.16 - CSRF
CVSS 8.8
CVE-2018-6874
HIGH
auth0.js < 8.12.1 and npm/auth0-js < 9.0.0 - Cross-Site Request Forgery via Legacy Lock API
CVSS 8.8
CVE-2018-8814
MEDIUM
WolfCMS 0.8.3.1 - Cross-Site Request Forgery in Plugin Settings
CVSS 6.5
CVE-2018-1098
HIGH
etcd < 3.3.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-8908
HIGH
Frog CMS 0.9.5 - Cross-Site Request Forgery in User Addition
CVSS 8.8
CVE-2018-8893
HIGH
Z-BlogPHP 1.5.1 Zero - Cross-Site Request Forgery in plugin_edit.php
CVSS 8.8
CVE-2018-9134
HIGH
DedeCMS 5.7 - Cross-Site Request Forgery via File Rename Action
CVSS 8.8
CVE-2018-9108
HIGH
QuickAppsCMS 2.0.0-beta2 - Unauthenticated Cross-Site Request Forgery in Admin User Addition
CVSS 8.8
CVE-2018-9092
HIGH
MiniCMS 1.10 - Cross-Site Request Forgery in Admin Configuration
CVSS 8.8
CVE-2018-7700
HIGH
dedecms 5.7 - Cross-Site Request Forgery to Remote Code Execution via partcode Parameter
CVSS 8.8
CVE-2018-8764
HIGH
Roland Gruber Softwareentwicklung LDAP Account Manager <6.3 - CSRF
CVSS 8.8
CVE-2018-8718
HIGH
Mailer Plugin 1.20 for Jenkins 2.111 - CSRF
CVSS 8.0
CVE-2018-1213
HIGH
Dell EMC Isilon OneFS CSRF (7.1.1.11, 7.2.1.0-7.2.1.5, 8.0.0.0-8.0.0.6, 8.0.1.0-8.0.1.2, 8.1.0.0-8.1.0.2)
CVSS 8.8
CVE-2018-8979
HIGH
Open-audit - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-8817
HIGH
Wampserver < 3.1.3 - Cross-Site Request Forgery via add_vhost.php
CVSS 8.8
CVE-2018-8972
HIGH
CWCMS < 2017-07-28 - Cross-Site Request Forgery in Site Configuration Update
CVSS 8.8
CVE-2018-1000137
HIGH
scilico i_librarian < 4.8 - Cross-Site Request Forgery in users.php
CVSS 8.8
CVE-2018-7524
HIGH
Geutebruck G-Cam/EFD-2250 1.12.0.4 and TopFD-2125 3.15.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-1230
HIGH
Spring Batch Admin - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-8811
HIGH
OpenCMS 10.5.3 - Cross-Site Request Forgery in User Role Management
CVSS 8.8
CVE-2018-6224
HIGH
Trend Micro Email Encryption Gateway 5.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-8717
HIGH
joyplus-cms 1.6.0 - Cross-Site Request Forgery via Admin Account Addition
CVSS 8.8
CVE-2018-7701
MEDIUM
SecurEnvoy SecurMail <9.2.501 - CSRF
CVSS 6.5
Details
Vulnerabilities
9,380
Exploit Likelihood
Medium