CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,381 vulnerabilities with CWE-352
CVE-2018-5656
HIGH
weblizar-pinterest-feeds <1.1.1 - CSRF
CVSS 8.8
CVE-2018-5368
HIGH
WordPress SrbTransLatin <1.46 - CSRF
CVSS 8.8
CVE-2018-5361
HIGH
WPGlobus < 1.9.7 - Cross-Site Request Forgery via wp-admin/options.php
CVSS 8.8
CVE-2018-0785
MEDIUM
ASP.NET Core 1.0, 1.1, 2.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2018-5301
MEDIUM
Magento < 2.0.10 and 2.1.x < 2.1.2 - Cross-Site Request Forgery
CVSS 6.5
CVE-2018-5285
HIGH
ImageInject plugin 1.15 for WordPress - CSRF
CVSS 8.8
CVE-2018-5073
MEDIUM
advanced_real_estate_script - Cross-Site Request Forgery via admin/movieedit.php
CVSS 6.8
CVE-2017-20221
MEDIUM
Telesquare SKT LTE Router SDT-CS3B1 CSRF System Command Execution
CVSS 4.3
CVE-2017-20120
MEDIUM
TrueConf Server 4.3.7 - Cross-Site Request Forgery in Admin Service Stop Endpoint
CVSS 4.3
CVE-2017-20093
MEDIUM
Download Manager Plugin 2.8.99 - CSRF
CVSS 4.3
CVE-2017-20091
MEDIUM
File Manager Plugin 3.0.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2017-20090
MEDIUM
Global Content Blocks Plugin <2.1.5 - CSRF
CVSS 4.3
CVE-2017-20088
MEDIUM
Atahualpa Theme < 3.7.24 - Cross-Site Request Forgery
CVSS 4.3
CVE-2017-20065
MEDIUM
Supsystic Popup Plugin <1.7.6 - CSRF
CVSS 4.3
CVE-2017-20062
MEDIUM
Elefant CMS < 1.3.13 - Cross-Site Request Forgery
CVSS 5.0
CVE-2017-20053
MEDIUM
XYZScripts Contact Form Manager Plugin - CSRF
CVSS 4.3
CVE-2017-20045
HIGH
Navetti PricePoint 4.6.0.0 - Cross-Site Request Forgery
CVSS 7.3
CVE-2017-20020
MEDIUM
Solar-Log Firmware - Cross-Site Request Forgery
CVSS 5.3
CVE-2017-18903
HIGH
Mattermost Server <4.0.0-3.9.2 - CSRF
CVSS 8.8
CVE-2017-18861
HIGH
NETGEAR ReadyNAS Surveillance < 1.4.3-15 and < 1.1.4-5 - Cross-Site Request Forgery
CVSS 8.0
CVE-2017-18703
HIGH
NETGEAR Multiple Routers and Extenders - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-18708
HIGH
NETGEAR R8300 and R8500 Firmware < 1.0.2.94 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-18749
HIGH
NETGEAR Multiple Routers - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-18742
HIGH
NETGEAR JR6150/R6050/R6250/R6300/R6700/R6900/R7300DST/R7900/R8000/R8500 Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-18755
HIGH
NETGEAR Multiple Routers - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,381
Exploit Likelihood
Medium