CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2015-5660
eXtplorer < 2.1.7 - Cross-Site Request Forgery
CVE-2015-7366
Revive Adserver < 3.2.1 - Cross-Site Request Forgery via Crafted POST Request
CVE-2015-7364
Revive Adserver < 3.2.1 - Cross-Site Request Forgery via Empty Token Bypass
CVE-2015-2026
IBM WebSphere eXtreme Scale 7.1.0-7.1.0.3 and 7.1.1-7.1.1.1 - Authenticated Cross-Site Request Forgery
CVE-2015-0145
IBM OpenPages GRC Platform 6.2-6.2.1.1, 7.0-7.1 - Authenticated Cross-Site Request Forgery
CVE-2015-7612
McAfee Vulnerability Manager < 7.5.9 - Cross-Site Request Forgery in Organizations Page
CVE-2015-5075
X2Engine X2CRM < 5.0.9 - Cross-Site Request Forgery via User Creation
CVE-2015-6007
Web Reference Database <0.9.6 - CSRF
CVE-2015-6468
Resource Data Management Data Manager < 2.1 - Cross-Site Request Forgery
CVE-2015-6304
Cisco TelePresence Server Software 3.0(2.24) - Cross-Site Request Forgery
CVE-2015-5571
Adobe Flash Player <18.0.0.241-19.0.0.185 - CSRF
CVE-2015-5991
PLDT SpeedSurf 504AN/GAN9.8U26-4-TX-R6B018-PH.EN - CSRF
CVE-2015-2916
Securifi Almond <AL1-R201EXP10-L304-W34 & AL2-R088M - CSRF
CVE-2015-7233
Open Semantic Framework 7.x-3.x - Cross-Site Request Forgery via OSF Import Module
CVE-2015-6973
Ignite Realtime Openfire 3.10.2 - Cross-Site Request Forgery via Multiple Administrative Endpoints
CVE-2015-6966
Nibbleblog < 4.0.4 - Cross-Site Request Forgery via Admin Post Creation
CVE-2015-6965
Contact Form Generator < 2.0.1 - Cross-Site Request Forgery
CVE-2015-6944
JSP/MySQL Administrador Web 1 - Cross-Site Request Forgery via cmd Parameter
CVE-2015-5631
Canon PIXMA MG7500 Series Inkjet Printer - Cross-Site Request Forgery
CVE-2015-6827
Auto-Exchanger 5.1.0 - Cross-Site Request Forgery via Password Change Request
CVE-2015-6545
Cerb < 7.0.3 - Cross-Site Request Forgery via ajax.php saveWorkerPeek Action
CVE-2015-6728
MediaWiki < 1.23.10, 1.24.x < 1.24.3, 1.25.x < 1.25.2 - Cross-Site Request Forgery via Timing Attack
CVE-2015-6655
Pligg CMS 2.0.2 - Cross-Site Request Forgery via Admin User Addition
CVE-2015-5698
Siemens SIMATIC S7-1200 <4.1.3 - CSRF
CVE-2015-5412
HP Version Control Repository Manager < 7.4.0 - Authenticated Cross-Site Request Forgery
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium