CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,389 vulnerabilities with CWE-352
CVE-2013-6365
MEDIUM
Horde Groupware Webmail 5.1.2 - Cross-Site Request Forgery
CVSS 5.3
CVE-2013-6364
HIGH
Horde Groupware Webmail Edition - Cross-Site Request Forgery and Cross-Site Scripting in Saved Search
CVSS 8.8
CVE-2013-4848
HIGH
TP-Link TL-WDR4300 3.13.31 - Cross-Site Request Forgery
CVSS 8.8
CVE-2013-7476
HIGH
WordPress simple-fields <1.2 - CSRF
CVSS 8.8
CVE-2013-7473
HIGH
Windu CMS 2.2 - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2013-7464
HIGH
csrf-magic < 1.0.4 - Predictable Anti-CSRF Token Bypass
CVSS 8.8
CVE-2013-0185
HIGH
ManageIQ Enterprise Virtualization Manager - Cross-Site Request Forgery
CVSS 8.8
CVE-2013-7057
Axway SecureTransport < 5.1 - Cross-Site Request Forgery via File Upload API
CVE-2013-7407
Drupal MRBS Module - Cross-Site Request Forgery
CVE-2013-2645
TP-LINK WR1043N Firmware TL-WR1043ND_V1_120405 - Cross-Site Request Forgery
CVE-2013-3089
Belkin N300 - Cross-Site Request Forgery in apply.cgi
CVE-2013-3086
Belkin N900 - Cross-Site Request Forgery in util_system.html
CVE-2013-3083
Belkin F5D8236-4 v2 - Cross-Site Request Forgery via remote_mgmt_enabled and remote_mgmt_port Parameters
CVE-2013-3068
Linksys WRT310Nv2 2.0.0.1 - Cross-Site Request Forgery via apply.cgi
CVE-2013-3476
zemanta/related_posts < 2.6.2 - Cross-Site Request Forgery
CVE-2013-3258
Digg Digg < 5.3.5 - Cross-Site Request Forgery
CVE-2013-3257
WordPress Related Posts <2.7.2 - CSRF
CVE-2013-2710
WordPress Contextual Related Posts <1.8.7 - CSRF
CVE-2013-3477
Related Posts by Zemanta < 1.3.2 - Cross-Site Request Forgery
CVE-2013-2698
kieranoshea/calendar < 1.3.2 - Cross-Site Request Forgery via Calendar Entry Addition
CVE-2013-2713
KrisonAV CMS < 3.0.2 - Cross-Site Request Forgery via User Account Creation
CVE-2013-2107
Mail On Update < 5.1.0 - Cross-Site Request Forgery via mailonupdate_mailto Parameter
CVE-2013-7376
OpenX 2.8.10 - Cross-Site Request Forgery via Plugin Preferences and Settings
CVE-2013-2700
WP125 < 1.5.0 - Cross-Site Request Forgery in Add/Edit Page
CVE-2013-2034
Jenkins < 1.514 and LTS < 1.509.1 - Cross-Site Request Forgery
Details
Vulnerabilities
9,389
Exploit Likelihood
Medium