CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2016-4494
HIGH
KMC Controls BAC-5051E Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4506
HIGH
Resource Data Management Intuitive 650 TDB Controller < 2.1 - Authenticated Cross-Site Request Forgery
CVSS 8.0
CVE-2016-2285
HIGH
Moxa MiiNePort E1/E2/E3 Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-2157
HIGH
Moodle < 2.6.11, 2.7.x < 2.7.13, 2.8.x < 2.8.11, 2.9.x < 2.9.5, 3.0.x < 3.0.3 - CSRF in Assignment Plugin
CVSS 8.8
CVE-2016-1201
HIGH
LOCKON EC-CUBE 3.0.0-3.0.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-0891
HIGH
EMC ViPR SRM < 3.6.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-1174
HIGH
casebook_plugin < 0.9.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-1172
HIGH
hiniarata casebook_plugin < 0.9.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-1170
HIGH
hiniarata casebook_plugin < 0.9.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-1175
MEDIUM
AQUOS Photo Player HN-PP150 <1.03.01.04 - CSRF
CVSS 4.3
CVE-2016-1168
HIGH
NEC Aterm WF800HP Firmware <= 1.0.17 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-1167
HIGH
NEC Aterm WG300HP Firmware < 1.0.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-1158
HIGH
Corega CG-WLBARGMH/CG-WLBARGNL - CSRF
CVSS 8.8
CVE-2016-1151
HIGH
Cybozu Office 9.9.0-10.3.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-0863
HIGH
Tollgrade SmartGrid LightHouse Sensor Mgmt - CSRF
CVSS 8.8
CVE-2016-0948
HIGH
Adobe Connect < 9.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-2199
HIGH
McAfee Vulnerability Manager < 7.5.9 - Cross-Site Request Forgery in Organizations and Remediation Management Page
CVSS 8.8
CVE-2016-1139
HIGH
KDDI HOME SPOT CUBE Firmware < 2 - Cross-Site Request Forgery
CVSS 7.5
CVE-2016-1134
HIGH
BUFFALO WHR-1166DHP/300HP2/WMR-300/BHR-4GRV2/WEX-300/600D/WMR-433/WSR-1166DHP CSRF
CVSS 8.8
CVE-2015-20117
MEDIUM
RealtyScript 4.0.2 Cross-Site Request Forgery Unauthorized User Creation
CVSS 5.3
CVE-2015-20113
MEDIUM
RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabilities
CVSS 5.3
CVE-2015-10130
MEDIUM
Team Circle Image Slider With Lightbox <1.0 - CSRF
CVSS 5.3
CVE-2015-10125
MEDIUM
WP Ultimate CSV Importer Plugin <3.7.2 - CSRF
CVSS 4.3
CVE-2015-1391
HIGH
HP AirWave 8.0.0-8.0.7 - Cross-Site Request Forgery Protection Bypass
CVSS 8.8
CVE-2015-10116
MEDIUM
RealFaviconGenerator Favicon Plugin <1.2.12 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium