CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,384 vulnerabilities with CWE-352
CVE-2016-4886
HIGH
baserCMS plugin Mail <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4885
HIGH
baserCMS plugin Feed <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4884
HIGH
baserCMS plugin Blog <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4882
HIGH
baserCMS <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4881
HIGH
baserCMS plugin Blog <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4879
HIGH
baserCMS Mail Plugin <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4878
HIGH
baserCMS < 3.0.11 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4876
HIGH
baserCMS <= 3.0.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-9092
HIGH
Symantec CA <2.2.1.1, MTD 1.1 - CSRF
CVSS 8.8
CVE-2016-5889
HIGH
IBM Interact 8.6, 9.0, 9.1, 10.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-3691
HIGH
Kallithea < 0.3.2 - Cross-Site Request Forgery via GET Request Method
CVSS 8.8
CVE-2016-0720
HIGH
pcs < 0.9.149 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-5401
HIGH
Red Hat JBoss BRMS and BPMS 6 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-3734
HIGH
Moodle <3.0.3-<2.9.5-<2.8.11-<2.7.13 - CSRF
CVSS 8.8
CVE-2016-1161
HIGH
ManageEngine Password Manager Pro <8.5 - CSRF
CVSS 8.0
CVE-2016-4891
HIGH
Setucocms - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-8718
HIGH
Moxa AWK-3131A Wireless Access Point <1.1 - CSRF
CVSS 8.8
CVE-2016-4319
HIGH
Atlassian JIRA Server <7.1.9 - CSRF
CVSS 8.8
CVE-2016-6100
HIGH
IBM Atlas Policy Suite 6.0.3 - CSRF
CVSS 8.8
CVE-2016-10313
HIGH
Jensenofscandinavia Al3g Firmware - CSRF
CVSS 8.8
CVE-2016-8917
HIGH
IBM Sterling Order Management <9.5 - CSRF
CVSS 8.8
CVE-2016-9456
HIGH
Revive Adserver < 3.2.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-9455
HIGH
Revive Adserver < 3.2.3 - Cross-Site Request Forgery in Admin Scripts
CVSS 8.8
CVE-2016-9127
HIGH
Revive Adserver < 3.2.3 - Cross-Site Request Forgery via Password Recovery Form
CVSS 8.8
CVE-2016-5758
HIGH
NetIQ Access Manager <4.1.2-4.2.2 - CSRF
CVSS 8.8
Details
Vulnerabilities
9,384
Exploit Likelihood
Medium