CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,386 vulnerabilities with CWE-352
CVE-2014-9101
Oxwall 1.7.0- SkaDate Lite 2.0 - CSRF
CVE-2014-9099
WhyDoWork AdSense 1.2 - Cross-Site Request Forgery via wp-admin/options-general.php
CVE-2014-9033
WordPress 3.7.4, 3.8.4, 3.9.2, 4.0 - Cross-Site Request Forgery in Password Reset
CVE-2014-7838
Moodle < 2.4.11 and 2.5.x < 2.5.9 - Cross-Site Request Forgery in Forum Module
CVE-2014-7836
Moodle < 2.4.11 and 2.5.x < 2.5.9 - Cross-Site Request Forgery in LTI Module
CVE-2014-5395
Huawei E5180s-22 Firmware < 21.270.21.00.00 - Cross-Site Request Forgery
CVE-2014-9027
ZTE ZXDSL 831CII - Cross-Site Request Forgery via accesslocal.cmd Parameters
CVE-2014-9019
ZTE ZXDSL 831CII - Cross-Site Request Forgery via adminpasswd.cgi
CVE-2014-9003
Lantronix xPrintServer - Cross-Site Request Forgery via RPC Action
CVE-2014-7996
Cisco Unified Computing System - Cross-Site Request Forgery
CVE-2014-8953
Php Scriptlerim Who's Who - Cross-Site Request Forgery via Admin Endpoints
CVE-2014-8948
iMember360 3.8.012-3.9.001 - Cross-Site Request Forgery via i4w_trace Parameter
CVE-2014-2178
Cisco RV180, RV180W, RV220W, and RV120W Firmware - Cross-Site Request Forgery
CVE-2014-8654
Compal Broadband Networks CH6640E/CG6640E Wireless Gateway 1.0 - CSRF
CVE-2014-8473
CA Cloud Service Management < 2014 - Cross-Site Request Forgery
CVE-2014-8523
McAfee Network Data Loss Prevention < 9.3 - Cross-Site Request Forgery
CVE-2014-8521
McAfee Network Data Loss Prevention < 9.3 - Authenticated Cross-Site Scripting
CVE-2014-4839
IBM TRIRIGA Application Platform <3.3.0.2-3.4.0.1 - CSRF
CVE-2014-6125
IBM WebSphere Portal 8.5.0 - Cross-Site Request Forgery
CVE-2014-2987
EGroupware < 1.6.001 and < 1.8006 - Cross-Site Request Forgery via Admin User Creation or Settings Modification
CVE-2014-8073
OpenMRS 2.1 - Cross-Site Request Forgery via User Form Submission
CVE-2014-7281
Tenda A32 Firmware 5.07.53_CN - Cross-Site Request Forgery via SysToolReboot
CVE-2014-8331
Huawei HiLink E3236 and E3276 - Cross-Site Request Forgery
CVE-2014-7874
HP System Management Homepage < 3.2.3 on HP-UX B.11.23 and < 3.2.8 on HP-UX B.11.31 - Cross-Site Request Forgery
CVE-2014-2358
Fox-IT DataDiode Appliance < 1.7.2 - Cross-Site Request Forgery in Administrative Web Interface
Details
Vulnerabilities
9,386
Exploit Likelihood
Medium