CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,380 vulnerabilities with CWE-352
CVE-2018-7216
HIGH
Bravo Tejari Procurement Portal - Authenticated Cross-Site Request Forgery in Profile Data Update
CVSS 8.0
CVE-2018-7176
HIGH
FrontAccounting 2.4.3 - Cross-Site Request Forgery via User Permissions Page
CVSS 8.8
CVE-2018-6888
HIGH
Typesetter - Cross-Site Request Forgery
CVSS 8.0
CVE-2018-1000053
HIGH
LimeSurvey 3.0.0-beta.3+17110 - CSRF
CVSS 8.8
CVE-2018-6288
HIGH
Kaspersky Secure Mail Gateway 1.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-6656
MEDIUM
Z-BlogPHP 1.5.1 - Cross-Site Request Forgery via AppCentre Plugin Deletion
CVSS 6.5
CVE-2018-6467
HIGH
flickrRSS 5.3.1 - Cross-Site Request Forgery via wp-admin/options-general.php
CVSS 8.8
CVE-2018-6651
HIGH
uncurl < 0.07 - Cross-Site Request Forgery via Origin Header Substring Match
CVSS 8.8
CVE-2018-0509
HIGH
kkcald < 0.7.21 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-6408
HIGH
Conceptronic CIPCAMPTIWL V3 0.61.30.21 - Cross-Site Request Forgery in hy-cgi/user.cgi
CVSS 8.8
CVE-2018-6391
HIGH
Netis WF2419 V2.2.36123 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-6007
HIGH
JS Support Ticket 1.1.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-5720
HIGH
DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extender RTN2-AW.GD.R3465.1.20161103 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-6357
HIGH
acurax-social-media-widget < 3.2.5 - Cross-Site Request Forgery via recordsArray Parameter
CVSS 8.8
CVE-2018-5976
HIGH
RSVP Invitation Online 1.0 - Cross-Site Request Forgery via account.php
CVSS 8.8
CVE-2018-5969
HIGH
Photography CMS 1.0 - Cross-Site Request Forgery via ajax_new_admin.php
CVSS 8.8
CVE-2018-1000014
HIGH
Jenkins Translation Assistance Plugin < 1.15 - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-1000013
HIGH
Jenkins Release Plugin < 2.9 - Cross-Site Request Forgery via Form Submission
CVSS 8.8
CVE-2018-6009
HIGH
Yii Framework 2.x <2.0.14 - CSRF
CVSS 8.8
CVE-2018-0107
HIGH
Cisco Prime Service Catalog - Cross-Site Request Forgery
CVSS 8.8
CVE-2018-5329
HIGH
ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 - CSRF
CVSS 8.8
CVE-2018-5673
HIGH
WordPress booking-calendar <2.1.7 - CSRF
CVSS 8.8
CVE-2018-5669
HIGH
read-and-understood 2.1 - Cross-Site Request Forgery via wp-admin/options-general.php
CVSS 8.8
CVE-2018-5658
HIGH
Responsive Coming Soon Page <1.1.18 - CSRF
CVSS 8.8
CVE-2018-5656
HIGH
weblizar-pinterest-feeds <1.1.1 - CSRF
CVSS 8.8
Details
Vulnerabilities
9,380
Exploit Likelihood
Medium