CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,389 vulnerabilities with CWE-352
CVE-2013-2754
umi.cms < 2.9 - Cross-Site Request Forgery via Admin User Addition
CVE-2013-7334
ImageCMS < 4.0.0 - Cross-Site Request Forgery via SQL Injection in q Parameter
CVE-2013-6942
Citrix NetScaler ADC < 9.3-64.4, < 10.0-77.5, < 10.1-118.7 - Cross-Site Request Forgery
CVE-2013-6202
HP Service Manager 9.30-9.33 - Cross-Site Request Forgery
CVE-2013-6167
Firefox < 27.0 - Cross-Site Request Forgery via Malformed Cookie Header
CVE-2013-6166
Google Chrome < 28.0.1500.95 - Cross-Site Request Forgery via Malformed Cookie
CVE-2013-7320
D-Link DAP-2253 Firmware < 1.30 - Cross-Site Request Forgery
CVE-2013-3098
TRENDnet TEW-812DRU <1.0.9.0 - CSRF
CVE-2013-5427
IBM InfoSphere Master Data Management Collaboration Server 10.x-11.0 - Cross-Site Request Forgery
CVE-2013-4889
Digital Signage Xibo 1.4.2 - Cross-Site Request Forgery in index.php
CVE-2013-6429
Spring Framework < 3.2.5 - XML External Entity Injection and Cross-Site Request Forgery via Unsafe XML Parsing
CVE-2013-6443
Red Hat CloudForms Management Engine < 5.2.1.6 - Cross-Site Request Forgery via Ruby on Rails Bypass
CVE-2013-6922
Seagate BlackArmor NAS 220 Firmware sg2000-2000.1331 - Cross-Site Request Forgery
CVE-2013-7204
Conceptronic CIPCAMPTIWL Camera 1.0-21.37.2.49 - CSRF
CVE-2013-7107
Icinga < 1.10.2 - Cross-Site Request Forgery
CVE-2013-6028
Atmail < 7.2 - Cross-Site Request Forgery
CVE-2013-7256
Opsview < 4.4.2 - Cross-Site Request Forgery
CVE-2013-6992
AskApache Firefox Adsense < 3.0 - Cross-Site Request Forgery via aafireadcode Parameter
CVE-2013-7251
ProjectForge < 5.3 - Cross-Site Request Forgery in Multiple Admin and Core Endpoints
CVE-2013-7223
Fat Free CRM < 0.12.1 - Cross-Site Request Forgery
CVE-2013-7209
JForum - Cross-Site Request Forgery in Admin Module
CVE-2013-7233
WordPress < 2.0.11 - Cross-Site Request Forgery via Retrospam Component
CVE-2013-5039
HOT HOTBOX Router Firmware 2.1.11 - Cross-Site Request Forgery via WifiSecurity Parameter
CVE-2013-4405
Red Hat Enterprise MRG Grid 2.4 - Cross-Site Request Forgery in Cumin Web Interface
CVE-2013-2628
idleman leed <1.4 - Cross-Site Request Forgery in action.php
Details
Vulnerabilities
9,389
Exploit Likelihood
Medium