Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-352 Clear
ID Title
CVE-2026-5791 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-5791)
vulnerability in csrf (CVE-2026-5791). Data can be tampered with by attackers.
CVE-2026-42091 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-42091)
vulnerability in csrf (CVE-2026-42091). Data can be tampered with by attackers.
CVE-2026-36960 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-36960)
vulnerability in csrf (CVE-2026-36960). Successful exploitation can lead to full system takeover.
CVE-2026-36956 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-36956)
vulnerability in csrf (CVE-2026-36956). Successful exploitation can lead to full system takeover.
CVE-2026-38934 Cross-Site Request Forgery (CSRF) in CVE-2026-38934 (CVE-2026-38934)
vulnerability in CVE-2026-38934 (CVE-2026-38934). Successful exploitation can lead to full system takeover.
CVE-2026-40948 Cross-Site Request Forgery (CSRF) in apache (CVE-2026-40948)
vulnerability in apache (CVE-2026-40948). Risk of unauthorized operations or information disclosure. Exploitable via ``state``.
CVE-2026-39848 Vulnerability in csrf (CVE-2026-39848)
vulnerability in csrf (CVE-2026-39848). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `1.1.0` or later.
CVE-2026-4984 Vulnerability in CVE-2026-4984 (CVE-2026-4984)
vulnerability in CVE-2026-4984 (CVE-2026-4984). Confidential information can be exposed externally.
CVE-2016-20028 Cross-Site Request Forgery (CSRF) in CVE-2016-20028 (CVE-2016-20028)
vulnerability in CVE-2016-20028 (CVE-2016-20028). Risk of unauthorized operations or information disclosure.
CVE-2026-27609 Cross-Site Request Forgery (CSRF) in csrf (CVE-2026-27609)
vulnerability in csrf (CVE-2026-27609). Data can be tampered with by attackers. Exploitable via `POST /apps/`.
CVE-2026-23950 Vulnerability in isaacs (CVE-2026-23950)
vulnerability in isaacs (CVE-2026-23950). Data can be tampered with by attackers. Exploitable via ``PathReservations``.
CVE-2025-1927 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-1927)
vulnerability in csrf (CVE-2025-1927). Data can be tampered with by attackers.
CVE-2025-11022 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-11022)
vulnerability in csrf (CVE-2025-11022). Successful exploitation can lead to full system takeover.
CVE-2025-13296 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-13296)
vulnerability in csrf (CVE-2025-13296). Risk of unauthorized operations or information disclosure.
CVE-2025-56400 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-56400)
vulnerability in csrf (CVE-2025-56400). Successful exploitation can lead to full system takeover.
CVE-2025-56009 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-56009)
vulnerability in csrf (CVE-2025-56009). Risk of unauthorized operations or information disclosure.
CVE-2025-60535 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-60535)
vulnerability in csrf (CVE-2025-60535). Risk of unauthorized operations or information disclosure.
CVE-2025-60956 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-60956)
vulnerability in csrf (CVE-2025-60956). Successful exploitation can lead to full system takeover.
CVE-2025-0610 Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
Cross-Site Request Forgery (CSRF) vulnerability in Akınsoft QR Menü allows Cross Site Request...
CVE-2025-50847 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-50847)
vulnerability in csrf (CVE-2025-50847). Risk of unauthorized operations or information disclosure.
CVE-2023-2533 KEV [KEV] Cross-Site Request Forgery (CSRF) in Papercut ngmf (CVE-2023-2533)
vulnerability in Papercut ngmf (CVE-2023-2533). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2025-50586 StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
StudentManage v1.0 was discovered to contain Cross-Site Request Forgery (CSRF).
CVE-2024-11142 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-11142)
vulnerability in csrf (CVE-2024-11142). Successful exploitation can lead to full system takeover.
CVE-2025-26570 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-26570)
vulnerability in csrf (CVE-2025-26570). Risk of unauthorized operations or information disclosure.
CVE-2025-26569 Cross-Site Request Forgery (CSRF) in csrf (CVE-2025-26569)
vulnerability in csrf (CVE-2025-26569). Risk of unauthorized operations or information disclosure.
CVE-2024-57523 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-57523)
vulnerability in csrf (CVE-2024-57523). Data can be tampered with by attackers.
CVE-2024-48418 Cross-Site Request Forgery (CSRF) in edimax (CVE-2024-48418)
vulnerability in edimax (CVE-2024-48418). Successful exploitation can lead to full system takeover.
CVE-2024-37774 Cross-Site Request Forgery (CSRF) in csrf (CVE-2024-37774)
vulnerability in csrf (CVE-2024-37774). Successful exploitation can lead to full system takeover.
CVE-2014-100005 KEV [KEV] Cross-Site Request Forgery (CSRF) in D-link dir-600-router (CVE-2014-100005)
vulnerability in D-link dir-600-router (CVE-2014-100005). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
CVE-2023-6676 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-6676)
vulnerability in csrf (CVE-2023-6676). Successful exploitation can lead to full system takeover.
CVE-2023-47326 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47326)
vulnerability in csrf (CVE-2023-47326). Successful exploitation can lead to full system takeover.
CVE-2023-47322 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-47322)
vulnerability in csrf (CVE-2023-47322). Successful exploitation can lead to full system takeover.
CVE-2023-45992 Cross-Site Scripting (XSS) in csrf (CVE-2023-45992)
cross-site scripting in csrf (CVE-2023-45992). Successful exploitation can lead to full system takeover.
CVE-2023-41452 Cross-Site Request Forgery (CSRF) in phpkobo (CVE-2023-41452)
vulnerability in phpkobo (CVE-2023-41452). Successful exploitation can lead to full system takeover.
CVE-2023-43278 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-43278)
vulnerability in csrf (CVE-2023-43278). Successful exploitation can lead to full system takeover.
CVE-2023-39061 Cross-Site Request Forgery (CSRF) in csrf (CVE-2023-39061)
vulnerability in csrf (CVE-2023-39061). Risk of unauthorized operations or information disclosure.
CVE-2022-40488 ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).
ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF).
CVE-2022-43340 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-43340)
vulnerability in csrf (CVE-2022-43340). Successful exploitation can lead to full system takeover.
CVE-2018-14519 Cross-Site Request Forgery (CSRF) in csrf (CVE-2018-14519)
vulnerability in csrf (CVE-2018-14519). Risk of unauthorized operations or information disclosure.
CVE-2022-26173 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-26173)
vulnerability in csrf (CVE-2022-26173). Successful exploitation can lead to full system takeover.
CVE-2020-19964 Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-19964)
vulnerability in csrf (CVE-2020-19964). Data can be tampered with by attackers.
CVE-2020-20586 Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-20586)
vulnerability in csrf (CVE-2020-20586). Data can be tampered with by attackers.
CVE-2021-31659 Cross-Site Request Forgery (CSRF) in csrf (CVE-2021-31659)
vulnerability in csrf (CVE-2021-31659). Successful exploitation can lead to full system takeover.
CVE-2021-26216 SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
CVE-2021-26215 SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
CVE-2020-35273 Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-35273)
vulnerability in csrf (CVE-2020-35273). Successful exploitation can lead to full system takeover.
CVE-2020-28858 Cross-Site Request Forgery (CSRF) in openasset (CVE-2020-28858)
vulnerability in openasset (CVE-2020-28858). Successful exploitation can lead to full system takeover.
CVE-2020-23451 Cross-Site Request Forgery (CSRF) in csrf (CVE-2020-23451)
vulnerability in csrf (CVE-2020-23451). Successful exploitation can lead to full system takeover.
CVE-2020-15711 In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
In MISP before 2.4.129, setting a favourite homepage was not CSRF protected.
CVE-2022-30014 Cross-Site Request Forgery (CSRF) in csrf (CVE-2022-30014)
vulnerability in csrf (CVE-2022-30014). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →