CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,392 vulnerabilities with CWE-352
CVE-2009-4555
AgoraCart 5.2.005, 5.2.006 and GOLD 5.5.005 - Cross-Site Request Forgery
CVE-2009-4517
nanwich faq_ask < 6.x-2.0 - Cross-Site Request Forgery
CVE-2009-1797
APC Network Management Card and Switched Rack PDU - Cross-Site Request Forgery
CVE-2009-4407
PyForum 1.0.3 - Cross-Site Request Forgery
CVE-2009-3580
Sql-ledger - Cross-Site Request Forgery
CVE-2009-4385
Scriptsez.net Ez Poll Hoster - CSRF
CVE-2009-4365
ScriptsEz Ez Blog 1.0 - Cross-Site Request Forgery in admin.php
CVE-2009-4349
Link Up Gold 5.0 - Cross-Site Request Forgery in Administrative Account Creation
CVE-2009-4297
Moodle 1.8-1.8.10 and 1.9-1.9.6 - Cross-Site Request Forgery
CVE-2009-4173
CutePHP CuteNews 1.4.6 and UTF-8 CuteNews < 8b - Cross-Site Request Forgery via Edit Users Action
CVE-2009-4121
Quick.CMS and Quick.CMS.Lite 2.4 - Cross-Site Request Forgery via Admin Page Deletion
CVE-2009-4120
Quick.Cart 3.4 - Cross-Site Request Forgery via Admin Orders-Delete Action
CVE-2009-4092
Simplog 0.9.3.2 - Cross-Site Request Forgery in user.php
CVE-2009-4079
Redmine < 0.8.5 - Cross-Site Request Forgery via Ticket Deletion
CVE-2009-4077
Roundcube Webmail < 0.2.2 - Cross-Site Request Forgery
CVE-2009-4076
Roundcube Webmail < 0.2.2 - Cross-Site Request Forgery
CVE-2009-4066
PHPList Integration module <5.x-1.2,6.x-1.1 - CSRF
CVE-2009-2746
IBM WebSphere Application Server <7.0.0.7 - CSRF
CVE-2009-2816
Safari < 4.0.4 - Cross-Site Request Forgery via CORS OPTIONS Request
CVE-2009-3922
Drupal User Protect <5.x-1.4 & 6.x-1.3 - CSRF
CVE-2009-3633
TYPO3 < 4.0.12 - Cross-Site Scripting via t3lib_div::quoteJSvalue API Function
CVE-2009-3785
Simplenews Statistics 6.x < 6.x-2.0 - Cross-Site Request Forgery
CVE-2009-3784
Simplenews Statistics < 6.x-2.0 - Open Redirect
CVE-2009-3759
HIGH
Citrix XenCenterWeb - Cross-Site Request Forgery via Password Change or VM Stop
CVSS 8.8
CVE-2009-3656
Shared Sign-On 5.x and 6.x - Cross-Site Request Forgery
Details
Vulnerabilities
9,392
Exploit Likelihood
Medium