CVE-2020-25262

PyroCMS 3.7 is vulnerable to cross-site request forgery CSRF via the admin/pages/delete/ URI: pages will be deleted...

CVE-2020-25262

PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI, which can cause pages to be deleted. The issue is documented across multiple sources (e.g., NVD/Red Hat/OSV/GHSA) with CSRF as the root cause. No explicit exploit details or mitigations are provided in...

CVE-2020-25263

CVE-2020-25263 : PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/addons/uninstall/anomaly.module.blocks URI, allowing an arbitrary plugin to be deleted. The connected documents consistently describe the CSRF vulnerability in PyroCMS 3.7 and reference the same URI path...

CVE-2020-25263

PyroCMS 3.7 is vulnerable to cross-site request forgery CSRF via the admin/addons/uninstall/anomaly.module.blocks URI: an arbitrary plugin will be deleted...

pyrocms 2.1.1 - Multiple Vulnerabilities

No description provided by source. PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was bui...

PyroCMS "email"跨站脚本漏洞

PyroCMS是一款内容管理系统。 由于传递到index.php/register中"email" POST参数的输入在返回用户前未能正确过滤，攻击者可以利用漏洞在受影响站点上下文的用户浏览器会话中执行任意HTML和脚本代码。 0 PyroCMS 2.2.3 目前厂商暂无提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： https://www.pyrocms.com/...

pyrocms 2.1.1 - Multiple Vulnerabilities

pyrocms 2.1.1 - Multiple Vulnerabilities PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it w...

pyrocms 2.1.1 - Multiple Vulnerabilities

PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was built with modularity in mind...

PyroCMS 2.1.1 CRLF Injection / Stored Cross Site Scripting

Exploit for php platform in category web applications PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC...

PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability

Summary PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was built with modularity in mind. Lightweight, themeable and dynamic. Description PyroCMS suffers from a stored XSS and HTTP Response Splitting vulnerability when parsing user input to the 'title' an...

PyroCMS 2.1.1 CRLF Injection / Stored Cross Site Scripting

PyroCMS 2.1.1 CRLF Injection And Stored XSS Vulnerability Vendor: HappyNinjas Ltd Product web page: http://www.pyrocms.com Affected version: 2.1.1 Community Summary: PyroCMS is a CMS built using the CodeIgniter PHP framework. Using an MVC architecture it was built with modularity in mind...

PyroCMS 1.1.0 Cross Site Scripting

------------------------------------------------------------------------ Software................PyroCMS 1.1.0 Vulnerability...........Persistent Cross-site Scripting Threat Level............Moderate 2/5 Download................http://pyrocms.com/ Vendor Contact Date.....3/11/2011 Disclosure...

PyroCMS 0.9.9.1 Cross Site Request Forgery

input type="hidden" name="btnAction" value="sav...