CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,394 vulnerabilities with CWE-352
CVE-2007-6087
VigileCMS 1.4 - Cross-Site Request Forgery via changepass Module
CVE-2007-5917
Skalinks 1.5 - Cross-Site Request Forgery via Admin Account Creation
CVE-2007-5918
MS TopSites - Authenticated Cross-Site Request Forgery via uname Parameter
CVE-2007-5828
Django 0.96 - Cross-Site Request Forgery in Admin Panel
CVE-2007-5818
sBlog 0.7.3 Beta - Cross-Site Request Forgery in blocks_edit_do.php
CVE-2007-5799
IBM WebSphere Application Server <6.1.0.13 - CSRF
CVE-2007-5773
Flatnuke 3 - Cross-Site Request Forgery via File Manager dir and ffile Parameters
CVE-2007-5594
Drupal 5.x < 5.3 - Cross-Site Request Forgery via User Deletion Form
CVE-2007-5572
sphpblog 0.4.9 - Cross-Site Request Forgery via Block or Link Deletion
CVE-2007-5575
1024 CMS 1.2.5 - Cross-Site Request Forgery
CVE-2007-5384
Alcatel Speedtouch 7G Router - CSRF
CVE-2007-5251
Helm Web Hosting Control Panel 3.2.16 - Cross-Site Scripting via showOption Parameter or FileManager Path Parameters
CVE-2007-5259
Ilient SysAid 4.5.03 and 4.5.04 - Cross-Site Request Forgery
CVE-2007-5229
FeedBurner FeedSmith 2.2 - Cross-Site Request Forgery via wp-admin/options-general.php
CVE-2007-5213
AXIS 2100 Network Camera < 2.43 - Cross-Site Request Forgery via SMTP Server Change
CVE-2007-5109
FlatNuke 2.6 - Cross-Site Request Forgery via User Parameter
CVE-2007-5060
XCMS - Cross-Site Request Forgery via Password Change Functionality
CVE-2007-5032
Francisco Burzi PHP-Nuke < 1.0 - Cross-Site Request Forgery via admin.php AddAuthor Action
CVE-2007-4930
AXIS 207W Network Camera - Cross-Site Request Forgery via Admin Endpoints
CVE-2007-4893
WordPress < 2.2.3 and WordPress MU < 1.2.5a - Cross-Site Scripting via Unfiltered HTML Privilege
CVE-2007-4822
Buffalo AirStation WHR-G54S 1.20 - Cross-Site Request Forgery via res and inp Parameters
CVE-2007-4724
Apache Tomcat - Cross-Site Request Forgery via Calendar Example time and description Parameters
CVE-2007-4544
WordPress MU < 1.0 - Cross-Site Scripting via Weblog ID Parameter
CVE-2007-4541
Olate Download 3.4.2 - Cross-Site Scripting via PHP_SELF Variable and URL Tags
CVE-2007-3457
Adobe Flash Player <= 8.0.34.0 - Cross-Site Request Forgery via HTTP Referer Header
Details
Vulnerabilities
9,394
Exploit Likelihood
Medium