CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,386 vulnerabilities with CWE-352
CVE-2014-5072
HIGH
WP Security Audit Log < 1.2.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2014-5034
HIGH
Brute Force Login Protection 1.3 - Cross-Site Request Forgery via Crafted Request
CVSS 8.8
CVE-2014-1457
HIGH
Open Web Analytics < 1.5.6 - Cross-Site Request Forgery via Weak Nonce Generation
CVSS 8.8
CVE-2014-2675
MEDIUM
WP HTML Sitemap 1.2 - Cross-Site Request Forgery via Admin Page
CVSS 6.5
CVE-2014-2550
HIGH
WordPress Disable Comments <1.0.4 - CSRF
CVSS 8.8
CVE-2014-2274
HIGH
WordPress Subscribe To Comments Reloaded <140219 - CSRF
CVSS 8.8
CVE-2014-4613
MEDIUM
Piwigo < 2.6.2 - Cross-Site Request Forgery via User Addition in Administration Panel
CVSS 6.5
CVE-2014-5280
HIGH
boot2docker < 1.2.0 - Cross-Site Request Forgery via Docker Daemon TCP Connection
CVSS 8.8
CVE-2014-9502
HIGH
Drupal Open Atrium <7.x-2.26 - CSRF
CVSS 8.8
CVE-2014-0120
HIGH
Hawt.io < 1.2.2 - Cross-Site Request Forgery via Admin Terminal
CVSS 8.8
CVE-2014-3709
HIGH
Keycloak < 1.0.3.Final - Cross-Site Request Forgery in SocialResource Callback
CVSS 8.8
CVE-2014-6106
HIGH
IBM Security Identity Manager 5.1, 6.0, 7.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2014-9565
HIGH
IBM Flex System EN6131-IB6131 - CSRF
CVSS 8.8
CVE-2014-8900
HIGH
IBM UrbanCode Release <6.0.1.6-6.1.1.1 - CSRF
CVSS 8.8
CVE-2014-9694
HIGH
Huawei Tecal RH and XH Series Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2014-9137
HIGH
Huawei USG9500 < V200R001C01SPC800, USG2100/2200/5100/5500 < V300R001C00SPC900 - CSRF
CVSS 8.8
CVE-2014-9136
HIGH
Huawei FusionManager V100R002C03 V100R003C00 - Unauthenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2014-2330
Check_MK < 1.2.5i2 - Cross-Site Request Forgery in Multisite GUI
CVE-2014-6198
IBM Security Network Protection <5.3.1 - CSRF
CVE-2014-4774
IBM License Metric Tool <9.1.0.2 - CSRF
CVE-2014-6090
IBM Curam SPM CSRF in DataMappingEditorCommands, DatastoreEditorCommands, and IEGEditorCommands Servlets
CVE-2014-5361
Landesk Management Suite < 9.6 - Cross-Site Request Forgery via serverServices.aspx
CVE-2014-8925
IBM Rational ClearQuest <7.1.2.17-8.0.1.7 - CSRF
CVE-2014-6214
IBM WebSphere Portal 8.0.0-8.0.0.1 CF15 and 8.5.0 < CF05 - Cross-Site Request Forgery
CVE-2014-0151
oVirt Engine < 3.5.0 - Cross-Site Request Forgery via REST API
Details
Vulnerabilities
9,386
Exploit Likelihood
Medium