Weaknesses of type CWE-352
5,692 resultsCVE-2024-12642HIGHChunghwa Telecom TenderDocTransfer - Arbitrary File WriteEPSS 0.3%CVE-2023-0398MEDIUMCross-Site Request Forgery (CSRF) in modoboa/modoboaEPSS 0.3%CVE-2022-4707MEDIUMRoyal Elementor Addons <= 1.3.59 - Cross-Site Request Forgery to Menu Template creationEPSS 0.3%CVE-2012-10012MEDIUMBestWebSoft Facebook Like Button facebook-button-plugin.php fcbk_bttn_plgn_settings_page cross-site request forgeryEPSS 0.3%CVE-2023-24048HIGHCross Site Request Forgery (CSRF) vulnerability in Connectize AC21000 G6 641.139.1.1256 allows attackers to gain control of the device via cEPSS 0.3%CVE-2024-6649MEDIUMSourceCodester Employee and Visitor Gate Pass Logging System Users.php save_users cross-site request forgeryEPSS 0.3%CVE-2021-25025—Event Calendar < 1.1.51 - Subscriber+ Event CreationEPSS 0.3%CVE-2024-28432HIGHDedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via the component /dede/article_edit.php.EPSS 0.3%CVE-2024-25418HIGHflusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php.EPSS 0.3%CVE-2024-25419HIGHflusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php.EPSS 0.3%CVE-2024-28141MEDIUMCross-Site Request-ForgeryEPSS 0.3%CVE-2024-7360MEDIUMSourceCodester Tracking Monitoring Management System ajax.php cross-site request forgeryEPSS 0.3%CVE-2024-11673MEDIUM1000 Projects Bookstore Management System cross-site request forgeryEPSS 0.3%CVE-2023-0480HIGHVitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account. This is possible becausEPSS 0.3%CVE-2023-43649MEDIUMbaserCMS CSRF vulnerability in Content preview FeatureEPSS 0.3%CVE-2021-24836—Temporary Login Without Password < 1.7.1 - Subscriber+ Plugin's Settings UpdateEPSS 0.3%CVE-2022-4867LOWCross-Site Request Forgery (CSRF) in froxlor/froxlorEPSS 0.3%CVE-2022-4849HIGHCross-Site Request Forgery (CSRF) in usememos/memosEPSS 0.3%CVE-2023-47020HIGHMultiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker throughEPSS 0.3%CVE-2021-22953—A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to clone topics which can lead to UI inconvenience, and exhaustion of diskEPSS 0.3%