Falhas do tipo CWE-352

5.677 resultados
CVE-2022-1918HIGHToolBar to Share <= 2.0 - Cross-Site Request Forgery to Cross-Site ScriptingEPSS 0.8%CVE-2019-17633For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of EPSS 0.8%CVE-2021-24981Directorist – Business Directory Plugin < 7.0.6.2 - CSRF to Remote File UploadEPSS 0.8%CVE-2022-0197MEDIUMCross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suiteEPSS 0.8%CVE-2024-20254CRITICALMultiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, EPSS 0.8%CVE-2021-32677HIGHCross-Site Request Forgery (CSRF) in FastAPIEPSS 0.8%CVE-2019-1874HIGHCisco Prime Service Catalog Cross-Site Request Forgery VulnerabilityEPSS 0.8%CVE-2016-9455Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). A number of scripts in Revive Adserver's user interface are vulEPSS 0.8%CVE-2021-24333Content Copy Protection & Prevent Image Save <= 1.3 - CSRF to Stored Cross-Site Scripting (XSS)EPSS 0.8%CVE-2017-6634A vulnerability in the Device Manager web interface of Cisco Industrial Ethernet 1000 Series Switches 1.3 could allow an unauthenticated, reEPSS 0.8%CVE-2021-24162Responsive Menu < 4.0.4 - CSRF to Settings UpdateEPSS 0.8%CVE-2023-0292MEDIUMQuiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media DeletionEPSS 0.8%CVE-2022-1749HIGHWPMK Ajax Finder <= 1.0.1 - Cross-Site Request Forgery to Cross-Site ScriptingEPSS 0.8%CVE-2022-0238MEDIUMCross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suiteEPSS 0.8%CVE-2022-3747HIGHBecustom <= 1.0.5.2 - Cross-Site Request ForgeryEPSS 0.8%CVE-2024-52402CRITICALWordPress Exclusive Content Password Protect plugin <= 1.1.0 - CSRF to Arbitrary File Upload vulnerabilityEPSS 0.8%CVE-2023-30525HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attackerEPSS 0.8%CVE-2024-12955MEDIUMPHPGurukul Blood Bank & Donor Management System logout.php cross-site request forgeryEPSS 0.8%CVE-2021-25051Modal Window < 5.2.2 - RFI leading to RCE via CSRFEPSS 0.8%CVE-2016-9127Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). The password recovery form in Revive Adserver is vulnerable to EPSS 0.8%