CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,391 vulnerabilities with CWE-352
CVE-2011-3609
MEDIUM
JBoss Application Server 7 <7.1.0 - CSRF
CVSS 6.5
CVE-2011-4952
HIGH
cobbler < 2.6.0 - Cross-Site Request Forgery via Django Web Interface
CVSS 8.8
CVE-2011-5328
HIGH
User Access Manager < 1.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2011-4403
Zen Cart 1.3.9h - Cross-Site Request Forgery via Product Management Actions
CVE-2011-5318
diafan.cms < 5.0 - Cross-Site Request Forgery via Admin Actions
CVE-2011-5316
Cambio 0.5a nightly r37 - Cross-Site Request Forgery in admin/index.php
CVE-2011-5315
whCMS 0.115 alpha - Cross-Site Request Forgery in Admin User Save Action
CVE-2011-5311
Wikipad 1.6.0 - Cross-Site Request Forgery via data[text] Parameter
CVE-2011-5306
CosmoShop ePRO 10.05.00 - Cross-Site Request Forgery in Admin Setup Edit
CVE-2011-5302
PHPDug 2.0.0 - Cross-Site Request Forgery in Admin Credential Modification
CVE-2011-5300
pommo-ardvark PR16.1 - Cross-Site Request Forgery in User Configuration
CVE-2011-5298
Argyle Social 2011-04-26 - Cross-Site Request Forgery via Users, Stream Filter Rules, or Efforts Endpoints
CVE-2011-5284
Smoothwall < 3.1 - Cross-Site Request Forgery via shutdown.cgi
CVE-2011-2908
JBoss Enterprise Portal Platform < 5.2.1 - Authenticated Cross-Site Request Forgery
CVE-2011-5226
Sentinel 1.0.0 - Cross-Site Request Forgery via Snapshot Trigger
CVE-2011-5197
Open Harvester Systems < 2.3.1 - Cross-Site Request Forgery via File Upload
CVE-2011-5196
Open Journal Systems < 2.3.6 - Cross-Site Request Forgery via File Upload
CVE-2011-5195
Open Conference Systems < 2.3.4 - Cross-Site Request Forgery via File Upload
CVE-2011-4452
WikkaWiki 1.3.1 and 1.3.2 - Cross-Site Request Forgery in AdminUsers Component
CVE-2011-4947
e107 < 0.7.26 - Cross-Site Request Forgery via user_include Parameter
CVE-2011-5131
MyBB < 1.6.5 - Cross-Site Request Forgery via Language Parameter
CVE-2011-4281
moodle 2.0.0-2.0.2 - Cross-Site Request Forgery
CVE-2011-4133
Moodle 1.9.0-1.9.10 - Cross-Site Request Forgery via RSS Block Feed Modification
CVE-2011-4298
Moodle 2.0.0-2.0.5 - Cross-Site Request Forgery in Wiki Module
CVE-2011-2085
Best Practical Solutions RT <4.0.6 - CSRF
Details
Vulnerabilities
9,391
Exploit Likelihood
Medium