CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,394 vulnerabilities with CWE-352
CVE-2007-3416
web-app.org/webapp < 0.9.9.6 & web-app.net/webapp 0.9.9.3.3-0.9.9.3.4 - CSRF in Administration
CVE-2007-2589
SquirrelMail 1.4.0-1.4.9a - Cross-Site Request Forgery via IMG SRC Attribute
CVE-2007-1520
PHP-Nuke < 8.0 - Cross-Site Request Forgery via HTTP_REFERER Validation Bypass
CVE-2007-1489
web-app.org Web Automated Perl Portal 0.9.9.4-0.9.9.6 - Cross-Site Request Forgery
CVE-2007-1276
Webmin <1.330, Usermin <1.260 - XSS
CVE-2007-1157
JBoss - Cross-Site Request Forgery via jmx-console/HtmlAdaptor
CVE-2007-0044
Adobe Acrobat Reader Plugin < 8.0.0 - Cross-Site Request Forgery via FDF/XML/XFDF AJAX Parameters
CVE-2006-6741
mkportal - Cross-Site Request Forgery via img BBcode Tag
CVE-2006-6701
atmail WebMail 4.51 and 5.x < 5.03 - Cross-Site Request Forgery via HTML Email IMG SRC
CVE-2006-5175
TeraStation HD-HTGL Firmware < 2.08 - Cross-Site Request Forgery
CVE-2005-3348
phpSysInfo 2.4 - HTTP Response Splitting via Charset Parameter
CVE-2005-2059
MEDIUM
UBB.Threads < 6.5.1.1 - Cross-Site Request Forgery
CVSS 6.5
CVE-2005-1947
MEDIUM
Invision Gallery < 1.3.1 - Cross-Site Request Forgery via Albums or Delimg Actions
CVSS 4.3
CVE-2005-1674
MEDIUM
Help Center Live - Cross-Site Request Forgery via view.php
CVSS 6.5
CVE-2004-1842
HIGH
php-nuke 6.0-7.1 - Cross-Site Request Forgery via Admin.php
CVSS 8.8
CVE-2004-1995
MEDIUM
FuseTalk 2.0 - Cross-Site Request Forgery via adduser.cfm
CVSS 6.5
CVE-2004-1703
HIGH
Fusion News 3.6.1 - Cross-Site Request Forgery via BBCode Image Tag
CVSS 8.8
CVE-2004-1967
HIGH
OpenBB <= 1.0.6 - Cross-Site Request Forgery in Multiple Admin Scripts
CVSS 8.8
CVE-2002-2426
Citrix Access Essentials 1.0-2.0 and Presentation Server 3.0-4.5 - Cross-Site Request Forgery via InitialProgram Key
Details
Vulnerabilities
9,394
Exploit Likelihood
Medium