CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2015-0115
IBM Leads 7.x-9.1.1 CSRF Vulnerability
CVE-2015-1485
Symantec Data Loss Prevention < 12.5.2 - Cross-Site Request Forgery in Administration Console
CVE-2015-4586
Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL Firmware 1.0.0.20h.HOL - CSRF via User Account Creation
CVE-2015-4189
Cisco Data Center Analytics Framework 1.4 - Cross-Site Request Forgery
CVE-2015-4677
FiverrScript 7.2 - Cross-Site Request Forgery via Admin Creation Endpoint
CVE-2015-4659
ClickHeat < 1.1.4 - Cross-Site Request Forgery via Config Action
CVE-2015-4140
WP Smiley 1.4.1 - Cross-Site Request Forgery via s4w-more Parameter
CVE-2015-2861
Vesta Control Panel < 0.9.8-14 - Cross-Site Request Forgery
CVE-2015-2805
Alcatel-Lucent OmniSwitch Firmware < 6.4.5.r02 - Cross-Site Request Forgery via User Creation
CVE-2015-4119
ISPConfig < 3.0.5.4 - Cross-Site Request Forgery via Admin User Creation
CVE-2015-4397
Node Template module for Drupal - Cross-Site Request Forgery via Node Template Deletion
CVE-2015-4396
Keyword Research module 6.x-1.x < 6.x-1.2 - Cross-Site Request Forgery
CVE-2015-4391
CiviCRM private report module 6.x-1.x < 6.x-1.2 and 7.x-1.x < 7.x-1.3 - Cross-Site Request Forgery
CVE-2015-4390
User Import 6.x-4.x < 6.x-4.4 and 7.x-2.x < 7.x-2.3 - Cross-Site Request Forgery
CVE-2015-4383
Decisions module for Drupal - Cross-Site Request Forgery via Voter Removal
CVE-2015-4382
Invoice module 6.x-1.x < 6.x-1.2 and 7.x-1.x < 7.x-1.3 - Cross-Site Request Forgery
CVE-2015-4379
Webform Multiple File Upload 6.x-1.x < 6.x-1.3 and 7.x-1.x < 7.x-1.3 - Cross-Site Request Forgery
CVE-2015-4364
Campaign Monitor module for Drupal 7.x-1.0 - Cross-Site Request Forgery via List Subscription Management
CVE-2015-4362
Tracking Code module 7.x-1.x < 7.x-1.6 - Cross-Site Request Forgery
CVE-2015-4361
Registration codes module < 6.x-1.6 - Cross-Site Request Forgery via Registration Code Deletion
CVE-2015-4360
Registration codes module < 6.x-1.6, 6.x-2.x < 6.x-2.8, 7.x-1.x < 7.x-1.2 - Cross-Site Request Forgery
CVE-2015-4355
Watchdog Aggregator - Cross-Site Request Forgery
CVE-2015-4353
Custom Sitemap module for Drupal - Cross-Site Request Forgery via Sitemap Deletion
CVE-2015-4352
Spider Video Player for Drupal - Cross-Site Request Forgery via Video Deletion
CVE-2015-4350
Spider Catalog for Drupal - Cross-Site Request Forgery
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium