CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,381 vulnerabilities with CWE-352
CVE-2017-6634
HIGH
Cisco Industrial Ethernet 1000 Series Switches 1.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-7620
MEDIUM
MantisBT < 1.3.11, 2.x < 2.3.3, 2.4.x < 2.4.1 - Cross-Site Request Forgery via Permalink Injection
CVSS 6.5
CVE-2017-9064
HIGH
WordPress < 4.7.5 - Cross-Site Request Forgery in Filesystem Credentials Dialog
CVSS 8.8
CVE-2017-9062
HIGH
WordPress < 4.7.5 - Cross-Site Request Forgery via XML-RPC API
CVSS 8.6
CVE-2017-7662
HIGH
Apache CXF Fediz <1.4.0-1.3.2 - CSRF
CVSS 8.8
CVE-2017-7661
HIGH
Apache CXF Fediz <1.4.0-1.2.4 - CSRF
CVSS 8.8
CVE-2017-8382
MEDIUM
admidio 3.2.8 - Cross-Site Request Forgery in Members Function Module
CVSS 4.5
CVE-2017-7491
MEDIUM
Moodle 2.x and 3.x - Cross-Site Request Forgery
CVSS 4.3
CVE-2017-8930
HIGH
Simple Invoices 2013.1.beta.8 - CSRF
CVSS 8.8
CVE-2017-8928
HIGH
mailcow 0.14 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-8875
MEDIUM
Clean Login < 1.8 - Cross-Site Request Forgery
CVSS 6.5
CVE-2017-8874
HIGH
Mautic 1.4.1 - Cross-Site Request Forgery in Email Campaign and Contact Deletion
CVSS 8.8
CVE-2017-5891
HIGH
ASUS RT-AC* and RT-N* Firmware - Cross-Site Request Forgery in Login and Save Settings
CVSS 8.8
CVE-2017-8848
MEDIUM
Allen Disk - Cross-Site Request Forgery
CVSS 6.5
CVE-2017-7431
HIGH
Novell iManager <2.7 SP7 Patch 10 HF1 & NetIQ iManager <3.0.3.1 - CSRF
CVSS 8.8
CVE-2017-1194
HIGH
IBM WebSphere Application Server - CSRF
CVSS 8.8
CVE-2017-2102
HIGH
Hands-on Vulnerability Learning Tool "AppGoat" for Web Application <= V3.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-2097
HIGH
support-project Knowledge < 1.7.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2017-8101
HIGH
Serendipity 2.0.5 - Cross-Site Request Forgery via Theme Installation
CVSS 8.8
CVE-2017-8100
MEDIUM
CopySafe Web Protection < 2.5 - Cross-Site Request Forgery
CVSS 6.5
CVE-2017-8099
HIGH
WHIZZ < 1.1 - Cross-Site Request Forgery via GET Request
CVSS 8.1
CVE-2017-8098
MEDIUM
e107 2.1.4 - Cross-Site Request Forgery in Plugin Installation
CVSS 6.5
CVE-2017-7852
HIGH
D-Link DCS Series Cameras - Cross-Site Request Forgery via Insecure CrossDomain.XML
CVSS 8.8
CVE-2017-8082
MEDIUM
concrete5 8.1.0 - Cross-Site Request Forgery in Thumbnail Editor
CVSS 6.5
CVE-2017-7951
HIGH
WonderCMS < 2.0.2 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,381
Exploit Likelihood
Medium