Fallos del tipo CWE-352

5688 resultados

CVE-2021-24890HIGHScripts Organizer < 3.0 - Unauthenticated Arbitrary File UploadEPSS 0.5%CVE-2022-41996HIGHWordPress Avada premium theme <= 7.8.1 - Cross-Site Request Forgery (CSRF) vulnerabilityEPSS 0.5%CVE-2020-23589MEDIUMA vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attackEPSS 0.5%CVE-2024-22859HIGHCross-Site Request Forgery (CSRF) vulnerability in livewire before v3.0.4, allows remote attackers to execute arbitrary code getCsrfToken fuEPSS 0.5%CVE-2020-5335MEDIUMRSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could EPSS 0.5%CVE-2023-27889HIGHCross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hEPSS 0.5%CVE-2024-1315HIGHClassified Listing <= 3.0.4 - Cross-Site Request Forgery to Account Takeover via rtcl_update_user_accountEPSS 0.5%CVE-2008-3938HIGHCross-site request forgery (CSRF) vulnerability in user_admin.php in Open Media Collectors Database (OpenDb) 1.0.6 allows remote attackers tEPSS 0.5%CVE-2024-38276HIGHmoodle: CSRF risks due to misuse of confirm_sesskeyEPSS 0.5%CVE-2023-25767HIGHA cross-site request forgery (CSRF) vulnerability in Jenkins Azure Credentials Plugin 253.v887e0f9e898b and earlier allows attackers to connEPSS 0.5%CVE-2023-6766MEDIUMPHPGurukul Teacher Subject Allocation Management System Delete Course course.php cross-site request forgeryEPSS 0.5%CVE-2022-20735MEDIUMCisco SD-WAN vManage Software Cross-Site Request Forgery VulnerabilityEPSS 0.5%CVE-2022-2432HIGHEcwid Ecommerce Shopping Cart <= 6.10.23 - Cross-Site Request Forgery to Settings/Options UpdateEPSS 0.5%CVE-2022-3852HIGHVR Calendar <= 2.3.3 - Cross-Site Request ForgeryEPSS 0.5%CVE-2022-23475HIGHdalorRadius full account take overEPSS 0.5%CVE-2017-20045HIGHNavetti PricePoint cross-site request forgeryEPSS 0.5%CVE-2021-24799—Far Future Expiry Header < 1.5 - Plugin's Settings Update via CSRFEPSS 0.5%CVE-2021-39133HIGHCross-Site Request Forgery (CSRF) can run untrusted code on Rundeck serverEPSS 0.5%CVE-2021-24572—Paypal Donation < 1.3.1 - CSRF to Arbitrary Post DeletionEPSS 0.5%CVE-2021-23050—On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3 and NGINX App Protect on all versions before 3EPSS 0.5%

← anteriorpágina 27 / 285siguiente →