CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,381 vulnerabilities with CWE-352
CVE-2017-10677
HIGH
Linksys EA4500 Firmware < 2.0.36 - Cross-Site Request Forgery via apply.cgi
CVSS 8.8
CVE-2017-12584
HIGH
SLiMS 8 Akasia <= 8.3.1 - Cross-Site Request Forgery via User Profile Update
CVSS 8.8
CVE-2017-9863
HIGH
SMA Sunny Boy and Sunny Tripower Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-12439
HIGH
SocuSoft Flash Slideshow Maker Professional <5.20 - XSS
CVSS 7.5
CVE-2017-2138
HIGH
CS-Cart Japanese Edition <4.3.10 - CSRF
CVSS 8.8
CVE-2017-11726
HIGH
ConnectWise Manage 2017.5 - Cross-Site Request Forgery via System.rails
CVSS 8.8
CVE-2017-11648
HIGH
Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 - Cross-Site Request Forgery via BasicSettings Request
CVSS 8.8
CVE-2017-9490
HIGH
Arris TG1682G Firmware 10.0.132.SIP.PC20.CT - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-9489
HIGH
Cisco DPC3939B Firmware dpc3939b-v303r204217-150321a-CMCST - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-11646
HIGH
NetComm Wireless 4GT101W - Cross-Site Request Forgery via Administration Interface
CVSS 8.8
CVE-2017-11680
HIGH
Hashtopussy < 0.4.0 - Cross-Site Request Forgery via users.php
CVSS 8.8
CVE-2017-11679
HIGH
Hashtopus 1.5g - Cross-Site Request Forgery via Admin Config Password Parameter
CVSS 8.8
CVE-2017-9413
HIGH
Subsonic 6.1.1 - Cross-Site Request Forgery in Podcast Feature
CVSS 8.8
CVE-2017-2273
HIGH
BUFFALO WMR-433 and WMR-433W - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-9415
HIGH
subsonic 6.1.1 - Cross-Site Request Forgery via userSettings.view
CVSS 7.5
CVE-2017-9930
HIGH
Green Packet DX-350 Firmware v2.8.9.5-g1.4.8-atheeb - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-1218
HIGH
IBM BigFix Platform - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-10961
HIGH
REDCap < 7.5.0 - Cross-Site Request Forgery in File Repository Deletion
CVSS 8.8
CVE-2017-9810
HIGH
Kaspersky Anti-Virus for Linux File Server <8.0.4.312 - CSRF
CVSS 8.8
CVE-2017-7666
HIGH
Apache OpenMeetings 1.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-1000069
HIGH
oauth2_proxy < 2.2.0 - Cross-Site Request Forgery in Authentication Flow
CVSS 8.8
CVE-2017-1000008
HIGH
Chyrp Lite 2016.04 - Cross-Site Request Forgery in User Settings
CVSS 8.8
CVE-2017-11196
HIGH
Pulse Connect Secure 8.3R1 - Cross-Site Request Forgery in Admin Logout Function
CVSS 8.8
CVE-2017-11193
HIGH
Pulse Connect Secure 8.3R1 - Cross-Site Request Forgery in diag.cgi
CVSS 8.8
CVE-2017-2244
HIGH
Brother MFC-J960DWN Firmware <= ver.D - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,381
Exploit Likelihood
Medium