CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2016-7980
HIGH
SPIP < 3.1.2 - Cross-Site Request Forgery via XML Validator
CVSS 8.8
CVE-2016-7904
HIGH
CMS Made Simple < 2.1.6 - Cross-Site Request Forgery via Admin User Creation
CVSS 8.0
CVE-2016-8201
HIGH
Brocade Virtual Traffic Manager <11.0 - CSRF
CVSS 8.0
CVE-2016-4808
HIGH
web2py < 2.14.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-7454
HIGH
Technicolor Xfinity Gateway Router DPC3941T Firmware CSRF Vulnerability
CVSS 8.0
CVE-2016-7885
HIGH
Adobe Experience Manager <= 6.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-6277
HIGH
KEV
NETGEAR D6220/D6400/R6250/R6400/R6700/R6900/R7000/R7100LG/R7300DST/R7900/R8000 Firmware - Remote Code Execution
CVSS 8.8
CVE-2016-6468
HIGH
Cisco Emergency Responder <12.0 - CSRF
CVSS 8.8
CVE-2016-9866
CRITICAL
phpMyAdmin < 4.6.5, < 4.4.15.9, < 4.0.10.18 - Cross-Site Request Forgery via Preference Import Return URL
CVSS 9.8
CVE-2016-2884
HIGH
IBM Forms Experience Builder 8.5.x-8.6.x - Authenticated Cross-Site Request Forgery
CVSS 8.0
CVE-2016-2878
HIGH
IBM QRadar SIEM 7.1-7.2 - Cross-Site Request Forgery
CVSS 8.0
CVE-2016-3009
LOW
IBM Connections 4.0-4.0 CR4, 4.5-4.5 CR5, 5.0-5.0 CR3 - Authenticated Cross-Site Request Forgery
CVSS 3.5
CVE-2016-3004
MEDIUM
IBM Connections 4.0-4.0 CR4, 4.5-4.5 CR5, 5.0-5.0 CR3 - Authenticated Cross-Site Request Forgery
CVSS 4.6
CVE-2016-2963
HIGH
IBM BigFix Remote Control < 9.1.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-8673
HIGH
SIMATIC CP/S7-300/S7-400 <3.0.53/<2.17 - RCE
CVSS 8.8
CVE-2016-6454
MEDIUM
Cisco Hosted Collaboration Mediation Fulfillment - CSRF
CVSS 6.5
CVE-2016-6444
HIGH
Cisco Meeting Server 1.8, 1.9, 2.0 - Unauthenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2016-6442
HIGH
Cisco Finesse Agent and Supervisor Desktop Software - CSRF
CVSS 8.8
CVE-2016-8504
MEDIUM
Yandex Browser < 16.6 - Cross-Site Request Forgery in Synchronization Form
CVSS 4.3
CVE-2016-1000213
HIGH
Ruckus Wireless H500 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-6427
HIGH
Cisco Unified Intelligence Center 8.5.4-9.1(1) - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-6417
HIGH
Cisco FireSIGHT System Software <6.1.0 - CSRF
CVSS 8.8
CVE-2016-6637
CRITICAL
Pivotal Cloud Foundry <242, UAA 2.x <2.7.4.7, 3.x <3.3.0.5, 3.4.x <...
CVSS 9.6
CVE-2016-3007
HIGH
IBM Connections 4.x-4.5 CR5, 5.0 < CR4, 5.5 < CR1 - Authenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4845
HIGH
I-O DATA HVL-A2.0/A3.0/A4.0/AT1.0S/AT2.0/AT3.0/AT4.0/AT2.0A/AT3.0A/AT4.0A < 2.04 CSRF
CVSS 8.8
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium