72 matches found
SQL Injection Vulnerability in RPCMS
RPCMS is an open source PHP content management system based on PHP language and MYSQL database. RPCMS has a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
CVE-2022-41474
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
CVE-2022-41475
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...
CVE-2022-41473
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
CVE-2022-41474
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
CVE-2022-41475
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...
CVE-2022-41473
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
Cross site scripting
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
Cross site request forgery (csrf)
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
Cross site request forgery (csrf)
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...
PT-2022-25880 · Rpcms · Rpcms
Name of the Vulnerable Software and Affected Versions: RPCMS version 3.0.2 Description: A reflected cross-site scripting XSS issue was found in the Search function. This could potentially allow an attacker to inject malicious scripts into the website. Recommendations: For RPCMS version 3.0.2,...
CVE-2022-41473
RPCMS 3.0.2 contains a reflected Cross-Site Scripting (XSS) vulnerability in the Search function. An attacker can inject arbitrary script in the victim’s browser, potentially stealing cookie-based credentials and enabling additional browser-based attacks. Affected product: RPCMS 3.0.2; vulnerabil...
CVE-2022-41474
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
CVE-2022-41475
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...
CVE-2022-41473
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
CVE-2022-41474
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
CVE-2022-41475
RPCMS v3.0.2 is affected by a Cross-Site Forgery (CSRF) vulnerability that allows attackers to arbitrarily add an administrator account. The incident is documented across multiple sources (NVD CVE-2022-41475, Red Hat, PRion, CNNVD, CVE listings) with a common description. The CVSS v3.1 base score...
RPCMS 跨站脚本漏洞
RPCMS is a software application. A website CMS system. A security vulnerability exists in RPCMS version v3.0.2 that stems from the inclusion of reflected cross-site scripting XSS in the search function...
CVE-2022-41473
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
CVE-2022-41475
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...