6 matches found
CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the method parameter...
GHSA-556Q-H4VR-PGH2 CakePHP might allow remote attackers to bypass CSRF protection mechanism via the _method parameter
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the method parameter...
DEBIAN-CVE-2015-8379
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the method parameter...
Cross site request forgery (csrf)
CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanism via the method parameter...
CVE-2009-4155
Multiple SQL injection vulnerabilities in Eshopbuilde CMS allow remote attackers to execute arbitrary SQL commands via the sitebid parameter to 1 home-f.asp and 2 opinions-f.asp; 3 sitebid, 4 id, 5 secText, 6 client-ip, and 7 Gid parameters to more-f.asp; 8 sitebid, 9 id, 10 maid, 11 miid, 12...
Eshopbuilde CMS SQL Injection Vulnerability
No description provided by source. ================= IUT-CERT ================= Title: Eshopbuilde CMS SQL Injection Vulnerability Vendor: www.eshopbuilder.ir Dork: Design by Satcom Co Type: Input.Validation.Vulnerability SQL Injection Fix: N/A ================== nsec.ir =================...