CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,391 vulnerabilities with CWE-352
CVE-2011-0277
HP Power Manager <= 4.3.2 - Cross-Site Request Forgery
CVE-2011-0886
SMC SMCD3G-CCR Firmware < 1.4.0.49 - Cross-Site Request Forgery via Web Interface
CVE-2011-0535
Zikula Application Framework < 1.2.5 - Cross-Site Request Forgery via Users Module
CVE-2011-0650
Greenbone Security Assistant < 2.0 - Cross-Site Request Forgery via OMP Email Request
CVE-2011-0046
Bugzilla <3.2.10, <3.4.x-<3.4.10, <3.6.x-<3.6.4, <4.0.x-<4.0rc2 - CSRF
CVE-2011-0643
PHP Link Directory 4.1.0 - Cross-Site Request Forgery via User Configuration
CVE-2011-0642
N-13 News 3.4, 3.7, 4.0 - Cross-Site Request Forgery via User Creation
CVE-2011-0503
vam_shop <= 1.6.1 - Cross-Site Request Forgery in Admin User Management
CVE-2010-3305
HIGH
pixelpost 1.7.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2010-4241
HIGH
Tiki Wiki CMS Groupware 5.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2010-5320
MemHT Portal 4.0.1 - Cross-Site Request Forgery via admin.php Configuration Articles and Users Actions
CVE-2010-5319
Kandidat CMS 1.4.2 - Cross-Site Request Forgery via Settings, Pages, or Articles
CVE-2010-5315
BEdita < 3.0.1.2550 "betula" - Cross-Site Request Forgery via News Categories or Admin User Save
CVE-2010-5285
Collabtive 0.6.5 - Cross-Site Request Forgery in Admin User Addition
CVE-2010-5283
OpenText ECM 9.7.1 - Cross-Site Request Forgery
CVE-2010-5191
Blue Coat ProxyAV <3.2.6.1 - CSRF
CVE-2010-5088
SilverStripe <2.3.9 & <2.4.3 - CSRF
CVE-2010-5080
SilverStripe <2.3.10-2.4.4 - Info Disclosure
CVE-2010-5085
Hulihan Amethyst 0.1.5 - Cross-Site Request Forgery in admin/update_user
CVE-2010-5084
e107 < 0.7.23 - Cross-Site Request Forgery via Predictable Admin Token
CVE-2010-4881
ApPHP Calendar - Cross-Site Request Forgery via Category or Event Parameters
CVE-2010-3271
IBM WebSphere Application Server <7.0.0.13 - CSRF
CVE-2010-4750
BLOG:CMS 4.2.1.e - Cross-Site Request Forgery in admin/libs/ADMIN.php
CVE-2010-4729
Zikula < 1.2.3 - Cross-Site Request Forgery via Lost Password Form
CVE-2010-4627
MyBB < 1.4.12 - Cross-Site Request Forgery in usercp2.php
Details
Vulnerabilities
9,391
Exploit Likelihood
Medium