CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2015-7278
HIGH
Amped Wireless R10000 Firmware 2.5.2.11 - Cross-Site Request Forgery
CVSS 8.8
CVE-2015-5996
HIGH
Mediabridge Medialink MWN-WAPR300N <5.07.50 - CSRF
CVSS 8.8
CVE-2015-2912
HIGH
OrientDB Server Community Edition <2.0.15 & <2.1.x - CSRF
CVSS 8.8
CVE-2015-7925
HIGH
ewon firmware < 10.0s0 - Cross-Site Request Forgery
CVSS 8.0
CVE-2015-7936
HIGH
Motorola Solutions MOSCAD IP Gateway - CSRF
CVSS 7.5
CVE-2015-8563
Joomla! 3.2.0-3.4.5 - Cross-Site Request Forgery in com_templates
CVE-2015-6378
Cisco DPQ3925 EDVA 5.5.2 - Cross-Site Request Forgery
CVE-2015-6405
Cisco Emergency Responder 10.5(1) and 10.5(1a) - Cross-Site Request Forgery
CVE-2015-6408
Cisco Unity Connection 11.5(0.98) - Cross-Site Request Forgery
CVE-2015-8131
Elasticsearch Kibana <4.1.3, <4.2 - CSRF
CVE-2015-5318
Jenkins <1.638-1.625.2 - CSRF Bypass
CVE-2015-5451
HP Operations Orchestration Central <10.22.001 - CSRF
CVE-2015-7291
Arris DG860A, TG862A, and TG862G Firmware TS0703128_100611-TS0705125D_031115 - Cross-Site Request Forgery in adv_pwd_cgi
CVE-2015-6376
Cisco TelePresence Video Communication Server X8.5.1 - Cross-Site Request Forgery
CVE-2015-7984
Horde Groupware < 5.2.11 - Cross-Site Request Forgery via Admin Shell Parameters
CVE-2015-5999
D-Link DIR-816L <2.06.B09_BETA - CSRF
CVE-2015-6373
Cisco Firepower Extensible Operating System 1.1(1.160) - Cross-Site Request Forgery
CVE-2015-6330
Cisco Prime Collaboration Assurance 10.5(1) and 10.6 - Cross-Site Request Forgery
CVE-2015-5731
WordPress < 4.2.3 - Cross-Site Request Forgery via Post Lock Action
CVE-2015-1997
IBM Security QRadar Vulnerability Manager 7.2.x - Cross-Site Request Forgery
CVE-2015-5534
Oxwall < 1.7.4 - Cross-Site Request Forgery via Maintenance Mode Parameters
CVE-2015-6493
Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 - Authenticated Cross-Site Request Forgery
CVE-2015-3967
Janitza UMG 508, 509, 511, 604, and 605 - Cross-Site Request Forgery
CVE-2015-5188
Red Hat JBoss Enterprise Application Platform < 6.4.4 and WildFly < 2.0.0 - Cross-Site Request Forgery via File Upload
CVE-2015-5665
LOCKON EC-CUBE 2.11.0-2.13.3 - Cross-Site Request Forgery via doValidToken Function
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium