CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,386 vulnerabilities with CWE-352
CVE-2014-2190
Cisco Broadband Access Center for Telco and Wireless - Cross-Site Request Forgery
CVE-2014-2916
phplist < 3.0.6 - Cross-Site Request Forgery in Subscription Page Editor
CVE-2014-2186
Cisco WebEx Meetings Server - Cross-Site Request Forgery
CVE-2014-2579
XCloner < 3.5 - Cross-Site Request Forgery via Administrator Password Change or Database Backup
CVE-2014-2327
Cacti < 0.8.7g - Cross-Site Request Forgery
CVE-2014-2659
Papercut MF and NG < 14.1 - Cross-Site Request Forgery
CVE-2014-1615
Carbon Black < 4.1.0 - Cross-Site Request Forgery via API User Endpoint
CVE-2014-1990
TOSHIBA TEC e-Studio 232, 233, 282, and 283 - Cross-Site Request Forgery in TopAccess
CVE-2014-0054
Spring Framework < 3.2.8 and 4.0.0-4.0.1 - XML External Entity Injection in Jaxb2RootElementHttpMessageConverter
CVE-2014-2115
Cisco Emergency Responder < 8.6 - Cross-Site Request Forgery in CERUserServlet Pages
CVE-2014-2340
XCloner < 3.1.1 - Cross-Site Request Forgery via Backup Creation
CVE-2014-0885
IBM Lotus Protector for Mail Security 2.8.x - Authenticated Cross-Site Request Forgery
CVE-2014-0126
Moodle < 2.3.11, 2.4.x < 2.4.9, 2.5.x < 2.5.5, 2.6.x < 2.6.2 - Cross-Site Request Forgery via IMS Enterprise File Import
CVE-2014-2249
Siemens SIMATIC <1.5.0, <4.0 - CSRF
CVE-2014-0873
IBM InfoSphere Master Data Management Server 8.5-10.1 - Cross-Site Request Forgery
CVE-2014-0336
Serena Dimensions CM 12.2 build 7.199.0 - Cross-Site Request Forgery via adminconsole/ URI
CVE-2014-0745
Cisco Unified Contact Center Express Editor Software - Cross-Site Request Forgery
CVE-2014-0740
Cisco Unified Communications Manager < 10.0(1) - Cross-Site Request Forgery in CAR Interface
CVE-2014-0736
Cisco Unified Communications Manager < 10.0(1) - Cross-Site Request Forgery in CAR Page
CVE-2014-0813
phpmyfaq < 2.8.6 - Cross-Site Request Forgery
CVE-2014-1915
Command School Student Management System 1.06.01 - CSRF
CVE-2014-1694
OTRS 3.1.x < 3.1.19, 3.2.x < 3.2.14, 3.3.x < 3.3.4 - Cross-Site Request Forgery in Customer Ticket Modules
CVE-2014-0831
IBM Financial Transaction Manager < 2.0.0.3 - Cross-Site Request Forgery in OAC Component
CVE-2014-0835
IBM QRadar Security Information and Event Manager < 7.2.0 - Cross-Site Request Forgery
CVE-2014-0010
Moodle < 2.2.11, 2.3.x < 2.3.11, 2.4.x < 2.4.8, 2.5.x < 2.5.4, 2.6.x < 2.6.1 - Cross-Site Request Forgery
Details
Vulnerabilities
9,386
Exploit Likelihood
Medium