Weaknesses of type CWE-352
5,688 resultsCVE-2020-21252HIGHCross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote attacker to execute arbitrary code and escalate privileges vEPSS 0.4%CVE-2021-4015MEDIUMCross-Site Request Forgery (CSRF) in firefly-iii/firefly-iiiEPSS 0.4%CVE-2020-23590MEDIUMA vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated remote attackeEPSS 0.4%CVE-2021-36877MEDIUMWordPress uListing plugin <= 2.0.5 - Modify User Roles via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2024-4591MEDIUMDedeCMS sys_group_add.php cross-site request forgeryEPSS 0.4%CVE-2023-5690MEDIUMCross-Site Request Forgery (CSRF) in modoboa/modoboaEPSS 0.4%CVE-2024-4593MEDIUMDedeCMS sys_multiserv.php cross-site request forgeryEPSS 0.4%CVE-2021-36569HIGHCross Site Request Forgery vulnerability in FUEL-CMS 1.4.13 allows remote attackers to run arbitrary code via post ID to /users/delete/2.EPSS 0.4%CVE-2024-4585MEDIUMDedeCMS member_type.php cross-site request forgeryEPSS 0.4%CVE-2024-4592MEDIUMDedeCMS sys_group_edit.php cross-site request forgeryEPSS 0.4%CVE-2020-23582MEDIUMA vulnerability in the "/admin/wlmultipleap.asp" of optilink OP-XT71000N version: V2.2 could allow an unauthenticated, remote attacker to coEPSS 0.4%CVE-2021-22950—Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachments to comments in the conversation section to be deleted.Credit for dEPSS 0.4%CVE-2021-4049MEDIUMCross-Site Request Forgery (CSRF) in livehelperchat/livehelperchatEPSS 0.4%CVE-2020-36534MEDIUMeasyii CMS out cross-site request forgeryEPSS 0.4%CVE-2022-20787MEDIUMCisco Unified Communications Products Cross-Site Request Forgery VulnerabilityEPSS 0.4%CVE-2019-13920—A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). Some parts of the web application are not proEPSS 0.4%CVE-2024-7661MEDIUMSourceCodester Car Driving School Management System index.php save_users cross-site request forgeryEPSS 0.4%CVE-2023-2599LOWActive Directory Integration / LDAP Integration <= 4.1.4 - Cross-Site Request Forgery to SQL InjectionEPSS 0.4%CVE-2021-36878MEDIUMWordPress uListing plugin <= 2.0.5 - Settings Update via Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.4%CVE-2021-34167HIGHCross Site Request Forgery (CSRF) vulnerability in taoCMS 3.0.2 allows remote attackers to gain escalated privileges via taocms/admin/admin.EPSS 0.4%