Fallos del tipo CWE-352

5711 resultados
CVE-2022-1757Pagebar < 2.70 - Arbitrary Settings Update via CSRF to Stored XSSEPSS 0.3%CVE-2023-2286MEDIUMWP Activity Log <= 4.5.0 - Cross-Site Request Forgery via ajax_run_cleanupEPSS 0.3%CVE-2024-36549HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=closeEPSS 0.3%CVE-2024-39158HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/userSys_deal.php?mudi=infoSet.EPSS 0.3%CVE-2023-3427MEDIUMSalon Booking System <= 8.4.6 - Cross-Site Request Forgery to Admin Role Change to Customer, User Meta Update via save_customerEPSS 0.3%CVE-2023-3202MEDIUMMStore API <= 3.9.6 - Cross-Site Request Forgery to Firebase Server Key UpdateEPSS 0.3%CVE-2024-39023HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via admin/info_deal.php?mudi=add&nohrefStr=closeEPSS 0.3%CVE-2024-46394HIGHFrogCMS v0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/?/user/addEPSS 0.3%CVE-2023-1029MEDIUMWP Meta SEO <= 4.5.3 - Cross-Site Request Forgery via 'regenerateSitemaps'EPSS 0.3%CVE-2021-43777MEDIUMVulnerability in Redash OAuth2 flows due to misuse of state field (should be a nonce)EPSS 0.3%CVE-2018-19948LOWThe vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerabilEPSS 0.3%CVE-2024-5943HIGHNested Pages <= 3.2.7 - Cross-Site Request Forgery to Local File InclusionEPSS 0.3%CVE-2024-40037HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userScore_deal.php?mudi=delEPSS 0.3%CVE-2023-2301MEDIUMContact Form Builder by vcita <= 4.10.3 - Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.3%CVE-2026-28495CRITICALGetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.phpEPSS 0.3%CVE-2023-27633MEDIUMWordPress Customify Plugin <= 2.10.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-40039HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/userGroup_deal.php?mudi=delEPSS 0.3%CVE-2024-35556HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/vpsSys_deal.php?mudi=infoSet.EPSS 0.3%CVE-2022-44739MEDIUMWordPress Quick Restaurant Reservations Plugin <= 1.5.4 is vulnerable to Cross Site Request Forgery (CSRF)EPSS 0.3%CVE-2024-35559HIGHidccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoMove_deal.php?mudi=rev&nohrefStr=cloEPSS 0.3%