Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-352 Clear
ID Title
CVE-2017-15808 In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php.
CVE-2017-15729 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
CVE-2017-15730 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
CVE-2017-15731 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
CVE-2017-15732 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
CVE-2017-15733 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15733)
vulnerability in csrf (CVE-2017-15733). Successful exploitation can lead to full system takeover.
CVE-2017-15734 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
CVE-2017-15735 In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
CVE-2017-15645 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15645)
vulnerability in csrf (CVE-2017-15645). Successful exploitation can lead to full system takeover.
CVE-2017-12271 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12271)
vulnerability in csrf (CVE-2017-12271). Successful exploitation can lead to full system takeover.
CVE-2015-7715 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-7715)
vulnerability in csrf (CVE-2015-7715). Successful exploitation can lead to full system takeover.
CVE-2017-14956 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14956)
vulnerability in csrf (CVE-2017-14956). Confidential information can be exposed externally.
CVE-2014-3709 Cross-Site Request Forgery (CSRF) in csrf (CVE-2014-3709)
vulnerability in csrf (CVE-2014-3709). Successful exploitation can lead to full system takeover.
CVE-2017-14011 Cross-Site Request Forgery (CSRF) in prominent (CVE-2017-14011)
vulnerability in prominent (CVE-2017-14011). Successful exploitation can lead to full system takeover.
CVE-2017-15296 The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.
The Java component in SAP CRM has CSRF. This is SAP Security Note 2478964.
CVE-2016-1261 Cross-Site Request Forgery (CSRF) in csrf (CVE-2016-1261)
vulnerability in csrf (CVE-2016-1261). Successful exploitation can lead to full system takeover.
CVE-2016-1265 Information Disclosure in csrf (CVE-2016-1265)
vulnerability in csrf (CVE-2016-1265). Successful exploitation can lead to full system takeover.
CVE-2016-5789 Cross-Site Request Forgery (CSRF) in jantek (CVE-2016-5789)
vulnerability in jantek (CVE-2016-5789). Successful exploitation can lead to full system takeover.
CVE-2015-2142 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2142)
vulnerability in csrf (CVE-2015-2142). Successful exploitation can lead to full system takeover.
CVE-2015-2143 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-2143)
vulnerability in csrf (CVE-2015-2143). Successful exploitation can lead to full system takeover.
CVE-2017-15084 The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
The web UI in Rapid7 Metasploit before 4.14.1-20170828 allows logout CSRF, aka R7-2017-22.
CVE-2017-15063 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-15063)
vulnerability in csrf (CVE-2017-15063). Successful exploitation can lead to full system takeover.
CVE-2017-1000085 Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000085)
vulnerability in jenkins (CVE-2017-1000085). Confidential information can be exposed externally.
CVE-2017-1000090 Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000090)
vulnerability in jenkins (CVE-2017-1000090). Successful exploitation can lead to full system takeover.
CVE-2017-1000091 Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000091)
vulnerability in jenkins (CVE-2017-1000091). Risk of unauthorized operations or information disclosure.
CVE-2017-1000092 Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000092)
vulnerability in jenkins (CVE-2017-1000092). Successful exploitation can lead to full system takeover.
CVE-2017-1000093 Cross-Site Request Forgery (CSRF) in jenkins (CVE-2017-1000093)
vulnerability in jenkins (CVE-2017-1000093). Successful exploitation can lead to full system takeover.
CVE-2016-6806 Cross-Site Request Forgery (CSRF) in apache (CVE-2016-6806)
vulnerability in apache (CVE-2016-6806). Successful exploitation can lead to full system takeover. Exploitable via `Referer header`.
CVE-2017-14924 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14924)
vulnerability in csrf (CVE-2017-14924). Successful exploitation can lead to full system takeover.
CVE-2017-14925 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14925)
vulnerability in csrf (CVE-2017-14925). Successful exploitation can lead to full system takeover.
CVE-2015-9233 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-9233)
vulnerability in wordpress (CVE-2015-9233). Successful exploitation can lead to full system takeover.
CVE-2017-13129 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-13129)
vulnerability in csrf (CVE-2017-13129). Successful exploitation can lead to full system takeover.
CVE-2017-7969 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-7969)
vulnerability in csrf (CVE-2017-7969). Successful exploitation can lead to full system takeover.
CVE-2015-5182 Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
CVE-2015-7293 Cross-Site Request Forgery (CSRF) in plone (CVE-2015-7293)
vulnerability in plone (CVE-2015-7293). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `5.0a1` or later.
CVE-2017-14683 geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.
CVE-2015-0276 Cross-site request forgery (CSRF) vulnerability in Kallithea before 0.2.
Cross-site request forgery (CSRF) vulnerability in Kallithea before 0.2.
CVE-2017-12253 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-12253)
vulnerability in csrf (CVE-2017-12253). Successful exploitation can lead to full system takeover.
CVE-2015-5395 Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.
Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.
CVE-2015-5607 Cross-site request forgery in the REST API in IPython 2 and 3.
Cross-site request forgery in the REST API in IPython 2 and 3.
CVE-2015-4089 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4089)
vulnerability in wordpress (CVE-2015-4089). Successful exploitation can lead to full system takeover.
CVE-2014-6106 Cross-Site Request Forgery (CSRF) in csrf (CVE-2014-6106)
vulnerability in csrf (CVE-2014-6106). Successful exploitation can lead to full system takeover.
CVE-2017-14530 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2017-14530)
vulnerability in wordpress (CVE-2017-14530). Successful exploitation can lead to full system takeover.
CVE-2016-8737 Cross-Site Request Forgery (CSRF) in apache (CVE-2016-8737)
vulnerability in apache (CVE-2016-8737). Successful exploitation can lead to full system takeover.
CVE-2017-11350 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11350)
vulnerability in csrf (CVE-2017-11350). Successful exploitation can lead to full system takeover.
CVE-2017-14267 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-14267)
vulnerability in csrf (CVE-2017-14267). Successful exploitation can lead to full system takeover.
CVE-2014-9565 Cross-Site Request Forgery (CSRF) in csrf (CVE-2014-9565)
vulnerability in csrf (CVE-2014-9565). Successful exploitation can lead to full system takeover.
CVE-2015-4619 Cross-Site Request Forgery (CSRF) in csrf (CVE-2015-4619)
vulnerability in csrf (CVE-2015-4619). Successful exploitation can lead to full system takeover.
CVE-2015-4697 Cross-Site Request Forgery (CSRF) in wordpress (CVE-2015-4697)
vulnerability in wordpress (CVE-2015-4697). Successful exploitation can lead to full system takeover.
CVE-2017-11567 Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-11567)
vulnerability in csrf (CVE-2017-11567). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →