CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,386 vulnerabilities with CWE-352
CVE-2014-4155
ZTE ZXV10 W300 Firmware W300V1.0.0a_ZRD_LK - Cross-Site Request Forgery via Admin Password Change
CVE-2014-3778
ARRIS SBG901 - Cross-Site Request Forgery in goform/RgDdns
CVE-2014-4188
Hitachi Tuning Manager <7.6.1-06,8.x <8.0.0-04 - CSRF
CVE-2014-4163
WordPress Featured Comments 1.2.1 - CSRF
CVE-2014-4162
Zyxel P-660HW-T1 v3 - Cross-Site Request Forgery via WLAN_General_1 Form
CVE-2014-3850
Member Approval 131109 - Cross-Site Request Forgery via wp-admin/options-general.php
CVE-2014-0929
IBM Connections <= 3.0.1.1 - Authenticated Cross-Site Request Forgery in Profiles Component
CVE-2014-0961
IBM Security Identity Manager and Tivoli Identity Manager - Authenticated Cross-Site Request Forgery
CVE-2014-3836
owncloud < 6.0.3 - Cross-Site Request Forgery
CVE-2014-2946
Huawei WebUI 11.010.06.01.858 - Cross-Site Request Forgery via SMS API
CVE-2014-3414
Sharetronix < 3.3 - Cross-Site Request Forgery via Admin Privilege Assignment
CVE-2014-0213
Moodle < 2.3.11, 2.4.x < 2.4.10, 2.5.x < 2.5.6, 2.6.x < 2.6.3 - Cross-Site Request Forgery in Assignment Quick-Grading
CVE-2014-3866
Usercake < 2.0.2 - Cross-Site Request Forgery via User Settings
CVE-2014-3015
IBM Sametime Proxy Server and Web Client 9.0-9.0.0.1 - Cross-Site Request Forgery
CVE-2014-3267
Cisco Security Manager < 4.6 - Cross-Site Request Forgery
CVE-2014-3845
TinyMCE Color Picker < 1.1 - Cross-Site Request Forgery
CVE-2014-3843
Search Everything < 8.1.1 - Cross-Site Request Forgery
CVE-2014-3792
Beetel 450TC2 Router Firmware TX6-0Q-005_retail - Cross-Site Request Forgery via Password Change
CVE-2014-3760
D-Link DAP 1150 Firmware 1.2.94 - Cross-Site Request Forgery in Firewall/DMZ and URL-Filter Settings
CVE-2014-0933
IBM InfoSphere Information Server Metadata Workbench 8.1-9.1 - Cross-Site Request Forgery
CVE-2014-2989
TAO 2.5.6 - Cross-Site Request Forgery via Users/add Endpoint
CVE-2014-3455
MediaWiki SemanticForms CSRF in CreateProperty, CreateTemplate, CreateForm, and CreateClass
CVE-2014-3454
MediaWiki < 1.19.10, 1.2x < 1.21.4, 1.22.x < 1.22.1 - Cross-Site Request Forgery in Special:CreateCategory
CVE-2014-0944
IBM Operational Decision Manager - Cross-Site Request Forgery in RES Console
CVE-2014-3115
FortiWeb < 5.2.0 - Cross-Site Request Forgery via Admin Add Endpoint
Details
Vulnerabilities
9,386
Exploit Likelihood
Medium