CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2016-5758
HIGH
NetIQ Access Manager <4.1.2-4.2.2 - CSRF
CVSS 8.8
CVE-2016-4504
HIGH
Meteocontrol WEB'log - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4928
HIGH
Junos Space < 15.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-8018
MEDIUM
McAfee VirusScan Enterprise Linux < 2.0.3 - Authenticated Cross-Site Request Forgery
CVSS 4.3
CVE-2016-9730
MEDIUM
IBM QRadar Incident Forensics 7.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2016-10206
HIGH
Zoneminder < 1.30.0 - Cross-Site Request Forgery via Crafted User Action Request
CVSS 8.8
CVE-2016-9975
HIGH
IBM Jazz for Service Management 1.1.2.1 and 1.1.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4315
MEDIUM
WSO2 Carbon 4.4.5 - Cross-Site Request Forgery via Server Shutdown Action
CVSS 5.7
CVE-2016-4311
HIGH
WSO2 Identity Server 5.1.0 - Cross-Site Request Forgery in XACML Flow
CVSS 8.8
CVE-2016-6033
HIGH
IBM Tivoli Storage Manager for Virtual Environments 7.1 - CSRF
CVSS 8.8
CVE-2016-9365
HIGH
Moxa NPort Series - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-8369
HIGH
Lynxspring JENEsys BAS Bridge <1.1.8 - CSRF
CVSS 8.8
CVE-2016-8350
MEDIUM
Moxa ioLogik <V2.4 - Info Disclosure
CVSS 6.3
CVE-2016-5809
HIGH
Schneider Electric IONXXXX Series - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-5372
MEDIUM
NetApp Snap Creator Framework < 4.3.0P1 - Cross-Site Request Forgery
CVSS 6.3
CVE-2016-2539
HIGH
ATutor < 2.2.1 - Cross-Site Request Forgery via install_modules.php
CVSS 8.8
CVE-2016-6103
HIGH
IBM Tivoli Key Lifecycle Manager - CSRF
CVSS 8.8
CVE-2016-8941
HIGH
IBM Tivoli Storage Productivity Center - CSRF
CVSS 8.8
CVE-2016-6045
HIGH
IBM Tivoli Storage Manager Operations Center - CSRF
CVSS 8.8
CVE-2016-5937
HIGH
IBM Kenexa LCMS Premier on Cloud - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-3029
HIGH
IBM Security Access Manager for Web 8.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-9218
HIGH
Cisco Hybrid Meeting Server 1.0 - Unauthenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2016-6521
HIGH
Grails < 1.5.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-3406
HIGH
Zimbra Collaboration Suite < 8.7.0 - Cross-Site Request Forgery via Client Uploader and REST Handlers
CVSS 8.8
CVE-2016-6897
MEDIUM
WordPress < 4.5.5 - Cross-Site Request Forgery via Late check_ajax_referer Call
CVSS 6.5
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium