CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,391 vulnerabilities with CWE-352
CVE-2012-2069
Wishlist 6.x-2.x < 6.x-2.6 and 7.x-2.x < 7.x-2.6 - Cross-Site Request Forgery via wl_reveal or q Parameters
CVE-2012-4753
owncloud < 4.0.4 - Cross-Site Request Forgery
CVE-2012-4393
ownCloud < 4.0.6 - Cross-Site Request Forgery in Multiple AJAX Endpoints
CVE-2012-4391
owncloud < 4.0.7 - Cross-Site Request Forgery in appconfig.php
CVE-2012-4386
Apache Struts 2.0.0-2.3.4 - Cross-Site Request Forgery via Token Name Parameter
CVE-2012-4746
ZTE ZXDSL 831IIV7.5.0a_Z29_OV - CSRF
CVE-2012-2116
Commerce Reorder < 7.x-1.0 - Cross-Site Request Forgery
CVE-2012-3309
IBM InfoSphere Guardium < 8.2 - Cross-Site Request Forgery in Account Creation Panel
CVE-2012-0308
Symantec Messaging Gateway <10.0 - CSRF
CVE-2012-2128
DokuWiki 2012-01-25 Angua - Cross-Site Request Forgery
CVE-2012-1921
Sitecom WLM-2501 - Cross-Site Request Forgery via pskValue Parameter
CVE-2012-3294
IBM WebSphere MQ File Transfer Edition < 7.0.4 and WebSphere MQ Managed File Transfer 7.5 - Cross-Site Request Forgery
CVE-2012-2155
CDN2 Video module 6.x for Drupal - Cross-Site Request Forgery
CVE-2012-2080
Node Limit Number < 6.x-1.2 - Cross-Site Request Forgery via Limit Deletion
CVE-2012-2077
ShareThis module 7.x-2.x - Cross-Site Request Forgery via Non-Form API Vectors
CVE-2012-4326
AlstraSoft Site Uptime Enterprise - Cross-Site Request Forgery in commonsettings.php
CVE-2012-4325
Utopia News Pro < 1.4.0 - Cross-Site Request Forgery via upload/users.php
CVE-2012-4324
PHPJabbers Vacation Rental Script - Cross-Site Request Forgery via AdminUsers Create Action
CVE-2012-2097
Autosave < 6.x-2.9 - Cross-Site Request Forgery
CVE-2012-4280
Free Realty 3.1-0.6 - Cross-Site Request Forgery in Agent Editor
CVE-2012-4252
MySQLDumper 1.24.4 - Cross-Site Request Forgery via Multiple Administrative Actions
CVE-2012-2602
SolarWinds Orion NPM <10.3.1 - CSRF
CVE-2012-4059
SocketMail Pro 2.2.9 - Cross-Site Request Forgery via Secret Question Update
CVE-2012-2307
plaatsoft addressbook < 6.x-4.2 - Cross-Site Request Forgery
CVE-2012-2305
Node Gallery < 6.x-3.1 - Cross-Site Request Forgery
Details
Vulnerabilities
9,391
Exploit Likelihood
Medium