3 matches found
PT-2019-13298 · Ignited · Ignited Cms
Name of the Vulnerable Software and Affected Versions: Ignited CMS versions prior to 2017-02-19 Description: The issue allows for Cross-Site Request Forgery CSRF attacks, enabling an attacker to add an administrator account. This is related to the /index.php/admin/permissions endpoint...
CVE-2018-19469
ArticleCMS through 2017-02-19 has XSS via the /updatepersonalinfomation realname or email parameter...
Design/Logic Flaw
ArticleCMS through 2017-02-19 has XSS via the /updatepersonalinfomation realname or email parameter...