PT-2020-12327 · Ellislab · Codeigniter

Name of the Vulnerable Software and Affected Versions: CodeIgniter versions through 4.0.0 Description: The issue allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. However, it is argued by a contributor to the CodeIgniter framework that the...

Alkacon OpenCms Cross-Site Request Forgery Vulnerability

Alkacon OpenCms is the German Alkacon Software's set of open source Java and XML-based content management system CMS. The system supports template engine , WYSIWYG editor and so on. A cross-site request forgery vulnerability exists in the system/workplace/admin/accounts/userrole.jsp file in Alkac...