CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,394 vulnerabilities with CWE-352
CVE-2008-3220
Drupal 5.x < 5.8 and 6.x < 6.3 - Cross-Site Request Forgery via Translated Strings Deletion
CVE-2008-3221
Drupal 6.x < 6.3 - Cross-Site Request Forgery via OpenID Identity Deletion
CVE-2008-3197
phpMyAdmin < 2.11.7.1 - Cross-Site Request Forgery via Database Creation and Charset Parameters
CVE-2008-3080
myWebland myBloggie 2.1.6 - Cross-Site Request Forgery in admin.php
CVE-2008-1106
Akamai Client < 3322 - Authentication Bypass via Referer Header Spoofing
CVE-2008-2531
Build A Niche Store (BANS) 3.0 - Stored Cross-Site Scripting via Search Script q Parameter
CVE-2008-2276
Mantis 1.1.1 - Cross-Site Request Forgery via manage_user_create.php
CVE-2008-2140
rPath Appliance Platform Agent 2 and 3 - Cross-Site Request Forgery via Root Password Reset
CVE-2008-2071
cPanel WHM 11.18-11.18.3 and 11.22-11.22.2 - Cross-Site Request Forgery
CVE-2008-2043
cPanel - Cross-Site Request Forgery via Multiple Frontend Endpoints
CVE-2008-2002
Motorola Surfboard SB5100-2.3.3.0-SCM00-NOSH - CSRF
CVE-2008-1977
Drupal i18n <5.x-2.3 & 6.x-1.0 - CSRF
CVE-2008-1981
E-Publish < 5.x-1.1 and < 6.x-1.0 beta1 - Cross-Site Request Forgery
CVE-2008-0165
ikiwiki < 2.41 - Cross-Site Request Forgery via Preferences and Edit Forms
CVE-2008-1719
Nuke ET 3.2 and 3.4 - Cross-Site Request Forgery
CVE-2008-1654
Adobe Flash Player - Cross-Site Request Forgery via UPnP SOAP Message
CVE-2008-0164
Plone CMS 3.0.5-3.0.6 - Cross-Site Request Forgery via Join Form and Group Privilege Pages
CVE-2008-1323
WoltLab Burning Board Lite <2 Beta 1 - CSRF
CVE-2008-1248
snom 320 SIP Phone - Cross-Site Request Forgery via Call a Number Field
CVE-2008-1250
snom 320 SIP Phone - Cross-Site Request Forgery
CVE-2008-1254
ZyXEL P-660HW - Cross-Site Request Forgery
CVE-2008-1260
Zyxel P-2602HW-D1A 3.40(AJZ.1 - CSRF
CVE-2008-1172
TorrentTrader Classic 1.08 - Cross-Site Request Forgery in account-inbox.php
CVE-2008-1149
phpMyAdmin <2.11.5 - CSRF & SQL Injection
CVE-2008-0556
OpenCA PKI < 0.9.2.5 - Cross-Site Request Forgery via RAServer
Details
Vulnerabilities
9,394
Exploit Likelihood
Medium