CWE-352 CVEs and Security Vulnerabilities

Filtered by CWE-352

Search

Switch to Advanced Search (Beta)

Total 9091 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2012-0235	1 Advantech	1 Advantech Webaccess	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-6852	1 Hp	1 2620-24-poe\+ Switch	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative password via the setPassword method.
CVE-2013-7320	1 D-link	2 Dap 2253, Dap 2253 Firmware	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in D-Link DAP-2253 Access Point (Rev. A1) with firmware before 1.30 allows remote attackers to hijack the authentication of administrators for requests that modify configuration settings via unspecified vectors.
CVE-2013-5494	1 Cisco	2 Unified Meetingplace, Unified Meetingplace Web Conferencing	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified MeetingPlace Solution, as used in Unified MeetingPlace Web Conferencing and Unified MeetingPlace, allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCui45209 and CSCui44674.
CVE-2013-7256	1 Opsview	1 Opsview	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2013-2701	1 Linksalpha	1 Social Sharing Toolkit Plugin	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors.
CVE-2013-2703	2 Crunchify, Wordpress	2 Facebook Members, Wordpress	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the Facebook Members plugin before 5.0.5 for WordPress allows remote attackers to hijack the authentication of administrators for requests that modify this plugin's settings.
CVE-2013-2704	2 Metin Saylan, Wordpress	2 Dropdown Menu Widget, Wordpress	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the Dropdown Menu Widget plugin 1.9.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences.
CVE-2013-4689	1 Juniper	1 Junos	2025-04-11	N/A
J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators for requests that (1) create new administrator accounts or (2) have other unspecified impacts.
CVE-2013-2707	2 Netweblogic, Wordpress	2 Login With Ajax, Wordpress	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the Login With Ajax plugin before 3.1 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings.
CVE-2013-6883	1 Cru-inc	2 Ditto Forensic Fieldstation, Ditto Forensic Fieldstation Firmware	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors.
CVE-2013-6710	1 Cisco	1 Webex Training Center	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Training Center allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCul25567.
CVE-2013-6443	1 Redhat	3 Cloudforms, Cloudforms 3.0 Management Engine, Cloudforms Managementengine	2025-04-11	N/A
CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request.
CVE-2013-2709	2 Crunchify, Wordpress	2 Foursquare-checkins, Wordpress	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the FourSquare Checkins plugin before 1.3 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVE-2013-6346	1 Novell	1 Zenworks Configuration Management	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE-2010-0711	1 Aspcodecms	1 Aspcode Cms	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to hijack the authentication of an administrator for requests that (1) delete users via the delete action in the ma2 parameter or (2) create administrators via the update action in the ma2 parameter.
CVE-2013-2752	1 Netgear	1 Raidiator	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in frontview/lib/np_handler.pl in NETGEAR ReadyNAS RAIDiator before 4.1.12 and 4.2.x before 4.2.24 allows remote attackers to hijack the authentication of users.
CVE-2013-2980	1 Ibm	1 Data Studio	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in the Web Console in IBM Data Studio 3.1.0 and 3.1.1 allows remote attackers to hijack the authentication of arbitrary users for requests that access monitored database information.
CVE-2011-5195	1 Public Knowledge Project	1 Open Conference Systems	2025-04-11	N/A
Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Project Open Conference Systems 2.3.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that upload a PHP file.
CVE-2013-6202	1 Hp	1 Service Manager	2025-04-11	N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in HP Service Manager 9.30, 9.31, 9.32, and 9.33 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) insert XSS sequences or (2) execute arbitrary code.

« first previous Page 233 of 455. next last »