CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2015-4630
HIGH
Koha 3.14.00-3.14.15 - Cross-Site Request Forgery via Member Entry or Flag Endpoints
CVSS 8.0
CVE-2015-7610
HIGH
Zimbra Collaboration Suite <8.6.0-8.7.11-8.8.8 - CSRF
CVSS 8.8
CVE-2015-0151
HIGH
D-Link DIR-815 Firmware < 2.07.b01 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-2009
HIGH
IBM QRadar SIEM 7.2.0-7.2.4 - Cross-Site Request Forgery via xmlrpc.cgi
CVSS 8.8
CVE-2015-4179
HIGH
Codestyling Localization < 1.99.30 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-5170
HIGH
Cloud Foundry Runtime cf-release < 216 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-2878
HIGH
Hexis HawkEye G 3.0.1.4912 - Cross-Site Request Forgery via Multiple Endpoints
CVSS 8.8
CVE-2015-7715
HIGH
Realtyna RPL < 8.9.5 - Cross-Site Request Forgery via add_user Action
CVSS 8.8
CVE-2015-2143
HIGH
phpBugTracker < 1.6.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-2142
HIGH
phpBugTracker < 1.6.0 - Authenticated Cross-Site Request Forgery via Multiple Parameters
CVSS 8.0
CVE-2015-9233
HIGH
CP Contact Form with PayPal < 1.1.6 - Cross-Site Request Forgery with Resultant Cross-Site Scripting
CVSS 8.8
CVE-2015-7293
HIGH
Plone - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-5182
HIGH
Redhat Amq - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-0276
HIGH
Kallithea < 0.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-5395
HIGH
SOGo <3.1.0 - CSRF
CVSS 8.8
CVE-2015-5607
HIGH
IPython 2-3 - Cross-Site Request Forgery in REST API
CVSS 8.8
CVE-2015-4089
HIGH
WP Fastest Cache < 0.8.3.5 - Cross-Site Request Forgery via optionsPageRequest
CVSS 8.8
CVE-2015-4697
HIGH
Google Analyticator < 6.4.9.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-4619
HIGH
Spina - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-3655
HIGH
Aruba Networks ClearPass Policy Manager <6.4.7, <6.5.2 - CSRF
CVSS 8.8
CVE-2015-5258
HIGH
springframework-social <1.1.3 - CSRF
CVSS 8.8
CVE-2015-5081
HIGH
django-cms < 3.0.14 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-4639
HIGH
Koha 3.14.x < 3.14.16, 3.16.x < 3.16.12, 3.20.x < 3.20.1 - Cross-Site Scripting via Crafted List Name
CVSS 8.8
CVE-2015-1786
HIGH
Zend Framework 2.3.0-2.3.5 - Cross-Site Request Forgery via Malformed Token Identifiers
CVSS 8.8
CVE-2015-3191
HIGH
Cloud Foundry Runtime <v209 - CSRF
CVSS 8.8
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium