CWE-352 vulnerabilities

5677 results
CVE-2022-1599 | Admin Management Xtended < 2.4.5 - Post Visibility/Date/Comment Status Update via CSRF | EPSS 0.6%
CVE-2021-36443 | HIGH | Cross Site Request Forgery vulnerability in imcat 5.4 allows remote attackers to escalate privilege via lack of token verification. | EPSS 0.6%
CVE-2021-32730 | MEDIUM | No CSRF protection on the password change form | EPSS 0.6%
CVE-2021-24704 | Orange Form <= 1.0 - SQL Injection via CSRF | EPSS 0.6%
CVE-2022-1611 | Bulk Page Creator < 1.1.4 - Arbitrary Page Creation via CSRF | EPSS 0.6%
CVE-2021-41274 | CRITICAL | Authentication Bypass by CSRF Weakness | EPSS 0.6%
CVE-2022-1765 | Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF | EPSS 0.6%
CVE-2021-43353 | HIGH | Crisp Live Chat <= 0.31 Cross-Site Request Forgery to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2024-48962 | HIGH | Apache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE) | EPSS 0.6%
CVE-2021-43559 | A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. The "delete related b | EPSS 0.6%
CVE-2022-0335 | A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge ali | EPSS 0.6%
CVE-2024-6317 | HIGH | Generate PDF using Contact Form 7 <= 4.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion | EPSS 0.6%
CVE-2021-42364 | HIGH | Stetic <= 1.0.6 Cross-Site Request Forgery to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2021-34636 | HIGH | Countdown and CountUp, WooCommerce Sales Timer <= 1.5.7 Cross-Site Request Forgery to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2021-42358 | HIGH | Contact Form With Captcha <= 1.6.2 Cross-Site Request Forgery to Reflected Cross-Site Scripting | EPSS 0.6%
CVE-2024-20255 | HIGH | A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, | EPSS 0.6%
CVE-2021-24879 | SupportCandy < 2.2.7 - CSRF to Cross-Site Scripting | EPSS 0.6%
CVE-2021-25010 | Post Snippets < 3.1.4 - CSRF to Stored Cross-Site Scripting | EPSS 0.6%
CVE-2022-0770 | Translate WordPress with GTranslate < 2.9.9 - CSRF to Account Takeover | EPSS 0.6%
CVE-2020-36505 | Delete All Comments Easily <= 1.3 - All Comments Deletion via CSRF | EPSS 0.6%