CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,390 vulnerabilities with CWE-352
CVE-2012-6493
Rapid7 Nexpose < 5.5.4 - Cross-Site Request Forgery via Site Deletion Request
CVE-2012-6631
Vessio NetBill 1.2 - Cross-Site Request Forgery via Admin Account Addition
CVE-2012-6629
Newsletter Manager < 1.0.2 - Cross-Site Request Forgery
CVE-2012-5394
MediaWiki <1.19.9, <1.20.8, <1.21.3 - CSRF
CVE-2012-0826
Drupal 6.x < 6.23 and 7.x < 7.11 - Cross-Site Request Forgery in Aggregator Module
CVE-2012-4084
Cisco Unified Computing System - Cross-Site Request Forgery in Fabric Interconnect Web-Management Interface
CVE-2012-5950
IBM TRIRIGA Application Platform 2.x-3.x < 3.3 and 8 - Cross-Site Request Forgery via html/en/default/ or saveProps.jsp
CVE-2012-3532
JBoss Enterprise Portal Platform < 5.2.2 - Cross-Site Request Forgery
CVE-2012-6134
omniauth-oauth2 < 1.1.1 - Cross-Site Request Forgery
CVE-2012-5216
HP ProCurve Switch Software < VA.02.09 - Cross-Site Request Forgery
CVE-2012-5763
IBM Netezza WebAdmin 6.0.5, 6.0.8, and 7.0 - Cross-Site Request Forgery
CVE-2012-6103
Moodle 2.2.x-2.2.7 2.3.x-2.3.4 2.4.x-2.4.1 - Cross-Site Request Forgery in Messaging System
CVE-2012-6518
diy-cms 1.0 - Cross-Site Request Forgery via Poll Module
CVE-2012-6508
NetArt Media Car Portal 3.0 - Cross-Site Request Forgery in Admin Security Module
CVE-2012-1922
Sitecom WLM-2501 - Cross-Site Request Forgery in Multiple Admin Forms
CVE-2012-6434
e107 1.0.2 - Cross-Site Request Forgery via download.php Parameters
CVE-2012-6433
e107 1.0.1 - Cross-Site Request Forgery via News Title Parameter
CVE-2012-5992
Cisco Wireless LAN Controller Software CSRF via Admin Account Creation or XSS
CVE-2012-5178
welcart_plugin < 1.2.2 - Cross-Site Request Forgery
CVE-2012-5622
OpenShift 0.0.5 - Cross-Site Request Forgery in Management Console
CVE-2012-4608
EMC RSA NetWitness Informer <2.0.5.6 - CSRF
CVE-2012-5556
Drupal RESTWS <7.x-1.1, <7.x-2.0-alpha3 - CSRF
CVE-2012-5549
Time Spent module for Drupal 6.x and 7.x - Cross-Site Request Forgery
CVE-2012-5547
Search API module 7.x-1.x < 7.x-1.3 - Cross-Site Request Forgery via Server or Index Enable Actions
CVE-2012-5542
Drupal Commerce Extra Panes <7.x-1.1 - CSRF
Details
Vulnerabilities
9,390
Exploit Likelihood
Medium