CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,381 vulnerabilities with CWE-352
CVE-2017-14683
HIGH
geminabox < 0.13.7 - Cross-Site Request Forgery via Unintended Gem Upload
CVSS 8.8
CVE-2017-12253
HIGH
Cisco Unified Intelligence Center - CSRF
CVSS 8.8
CVE-2017-14530
HIGH
Crony Cronjob Manager < 0.4.6 - Cross-Site Request Forgery via Name Parameter
CVSS 8.0
CVE-2017-11350
HIGH
Axesstel MU553S MU55XS-V1.14 - Cross-Site Request Forgery in ConfigSet
CVSS 8.8
CVE-2017-14267
HIGH
EE 4GEE WiFi MBB < EE60_00_05.00_31 - CSRF
CVSS 8.8
CVE-2017-12838
HIGH
NexusPHP 1.5 - Cross-Site Request Forgery via mybonus.php
CVSS 8.8
CVE-2017-11567
HIGH
Mongoose Embedded Web Server Library < 6.8 - Cross-Site Request Forgery via __mg_admin?save
CVSS 8.8
CVE-2017-1097
HIGH
IBM Emptoris Strategic Supply Management Platform 10.0.0.x-10.1.1.x - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-14048
HIGH
BlackCat CMS 1.2 - Command Injection
CVSS 8.8
CVE-2017-1442
HIGH
IBM Emptoris Services Procurement 10.0.0.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-11455
HIGH
Pulse Connect Secure 8.1R1-8.1R10, 8.2R1-8.2R5 & Pulse Policy Secure 5.1R1-5.3R5 - CSRF via diag.cgi
CVSS 8.8
CVE-2017-7926
HIGH
OSIsoft PI Web API < 2017 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-12703
HIGH
Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455 < 1.7.5.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-12970
HIGH
Apache2Triad 1.5.4 - Cross-Site Request Forgery in User Account Management
CVSS 8.8
CVE-2017-7557
HIGH
dnsdist 1.1.0 - Improper Authentication for REST API
CVSS 8.8
CVE-2017-7423
HIGH
Micro Focus Enterprise Developer/Server <2.3 Update 1 Hotfix 8 - CSRF
CVSS 8.8
CVE-2017-5187
HIGH
Micro Focus Enterprise Developer/E<2.3 - CSRF
CVSS 8.8
CVE-2017-12881
HIGH
Spring Batch Admin < 1.3.0.RELEASE - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-12593
HIGH
ASUS DSL-N10S V2.1.16_APAC - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-12589
HIGH
ToMAX R60G and R60GV2 Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-7556
HIGH
Hawtio <= 1.5.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-12853
HIGH
RealTime RWR-3G-100 Router Firmware Ver1.0.56 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-6328
HIGH
Symantec Messaging Gateway < 10.6.3-267 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-12651
HIGH
Loginizer < 1.3.5 - Cross-Site Request Forgery in IP Wizard
CVSS 8.8
CVE-2017-6756
HIGH
Cisco Prime Collaboration Provisioning Tool <12.2 - CSRF
CVSS 8.8
Details
Vulnerabilities
9,381
Exploit Likelihood
Medium