CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,384 vulnerabilities with CWE-352
CVE-2016-10902
HIGH
wp_customer_reviews < 3.0.9 - Cross-Site Request Forgery in Admin Tools
CVSS 8.8
CVE-2016-10915
HIGH
popup-by-supsystic < 1.7.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10914
HIGH
add-from-server < 3.3.2 - Cross-Site Request Forgery via File Import
CVSS 8.8
CVE-2016-10885
HIGH
wp-editor < 1.2.6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10884
HIGH
simple-membership < 3.3.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10883
MEDIUM
simple-add-pages-or-posts < 1.7 - Cross-Site Request Forgery for User Deletion
CVSS 6.5
CVE-2016-10882
HIGH
google-doc-embedder < 2.6.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10876
HIGH
wp_database_backup < 4.3.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10874
HIGH
wp-database-backup < 4.3.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10865
MEDIUM
Lightbox Plus Colorbox < 2.7.2 - Cross-Site Request Forgery via Admin Page
CVSS 6.1
CVE-2016-10863
HIGH
Edimax Wi-Fi Extender - Cross-Site Request Forgery via goform/formwlencryptvxd
CVSS 8.8
CVE-2016-10862
HIGH
Neet AirStream NAS1.1 - Unauthenticated Root Account Access via Hardcoded Password
CVSS 8.8
CVE-2016-10861
MEDIUM
Neet AirStream NAS1.1 - Cross-Site Request Forgery via Settings Binary
CVSS 6.5
CVE-2016-10766
HIGH
edx-platform < 2016-06-06 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10757
HIGH
Readaxo - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10756
HIGH
Kliqqi Cms - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10738
HIGH
Zenbership v107 - Cross-Site Request Forgery via Event Add Function
CVSS 8.8
CVE-2016-7067
MEDIUM
Monit < 5.20.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2016-6578
HIGH
CodeLathe FileCloud <13.0.0.32841 - CSRF
CVSS 8.8
CVE-2016-6557
HIGH
ASUS RP-AC52 <1.0.1.1s - Auth Bypass
CVSS 8.8
CVE-2016-10522
HIGH
rails_admin < 1.1.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-10529
HIGH
Droppy < 3.5.0 - Cross-Site Request Forgery via WebSocket Requests
CVSS 8.8
CVE-2016-0272
HIGH
IBM Financial Transaction Manager 2.1.1.2 and 3.0.0.x < fp0013 - Cross-Site Request Forgery
CVSS 8.0
CVE-2016-0295
HIGH
IBM BigFix Platform 9.0-9.5 < 9.5.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-0348
HIGH
IBM TRIRIGA Application Platform <3.4 - CSRF
CVSS 8.0
Details
Vulnerabilities
9,384
Exploit Likelihood
Medium