CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,389 vulnerabilities with CWE-352
CVE-2014-0831
IBM Financial Transaction Manager < 2.0.0.3 - Cross-Site Request Forgery in OAC Component
CVE-2014-0835
IBM QRadar Security Information and Event Manager < 7.2.0 - Cross-Site Request Forgery
CVE-2014-0010
Moodle < 2.2.11, 2.3.x < 2.3.11, 2.4.x < 2.4.8, 2.5.x < 2.5.4, 2.6.x < 2.6.1 - Cross-Site Request Forgery
CVE-2014-1211
VMware vCloud Director 5.1.x - Cross-Site Request Forgery via Logout Request
CVE-2014-1473
McAfee Vulnerability Manager <= 7.5.5 - Cross-Site Request Forgery in Enterprise Manager
CVE-2014-0621
Technicolor TC7200 STD6.01.12 - Cross-Site Request Forgery via Multiple Endpoints
CVE-2013-10029
MEDIUM
WordPress Exit Box Lite Plugin <= 1.06 - Cross-Site Request Forgery in exitboxadmin Function
CVSS 4.3
CVE-2013-10027
MEDIUM
Blogger Importer Plugin <0.6 - CSRF
CVSS 4.3
CVE-2013-10025
MEDIUM
Exit Strategy Plugin 1.55 - Cross-Site Request Forgery in exitpageadmin Function
CVSS 4.3
CVE-2013-4227
HIGH
Mozilla Persona 7.x-1.0-7.x-1.10 - Cross-Site Request Forgery via Non-String Security Token
CVSS 8.8
CVE-2013-4792
MEDIUM
PrestaShop < 1.4.11 - Cross-Site Request Forgery via Logout Action
CVSS 5.5
CVE-2013-2109
HIGH
wp_cleanfix - Remote Code Execution
CVSS 8.8
CVE-2013-2108
MEDIUM
WordPress WP Cleanfix Plugin 2.4.4 - Cross-Site Request Forgery
CVSS 5.4
CVE-2013-3568
HIGH
Cisco Linksys WRT110 Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2013-7053
HIGH
D-Link DIR-100 Firmware 4.03B07 - Cross-Site Request Forgery via cli.cgi
CVSS 8.8
CVE-2013-3093
HIGH
ASUS RT-N56U Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2013-4865
MEDIUM
MiCasaVerde VeraLite <1.5.408 - CSRF
CVSS 6.5
CVE-2013-3935
HIGH
Opsview < 4.4.1 and Opsview Core < 20130522 - Cross-Site Request Forgery
CVSS 8.8
CVE-2013-0196
MEDIUM
OpenShift Enterprise 1.2 - Cross-Site Request Forgery in Web Console
CVSS 6.5
CVE-2013-4665
MEDIUM
SPBAS Business Automation Software 2012 - CSRF
CVSS 6.5
CVE-2013-6811
HIGH
D-Link DSL-6740U Firmware - Cross-Site Request Forgery in Administrator Settings
CVSS 8.8
CVE-2013-3312
HIGH
Loftek Nexus 543 Firmware - Cross-Site Request Forgery via set_users.cgi
CVSS 8.8
CVE-2013-3366
HIGH
TRENDnet TEW-812DRU Firmware - Cross-Site Request Forgery
CVSS 8.8
CVE-2013-3516
MEDIUM
NETGEAR WNR3500U and WNR3500L - Cross-Site Request Forgery via Predictable Form Tokens
CVSS 6.5
CVE-2013-6275
MEDIUM
Horde Groupware < 5.1.2 - Cross-Site Request Forgery in basic.php
CVSS 6.5
Details
Vulnerabilities
9,389
Exploit Likelihood
Medium