CVE-2024-37879
Improper input validation in /admin/config/save in User-friendly SVN USVN before v1.0.12 and below allows administrators to execute arbitrary code via the fields "siteTitle", "siteIco" and "siteLogo"...
PT-2024-30068 · Pligg Cms · Pligg Cms
Name of the Vulnerable Software and Affected Versions: Pligg CMS version 2.0.2 Description: A Cross-Site Request Forgery (CSRF) issue was discovered. The issue is related to the "/admin/admin config.php?action=save&var id=32" API endpoint. Recommendations: For Pligg CMS version 2.0.2, as a temporar...
PT-2023-17455 · Unknown · Campcodes Advanced Online Voting System
Name of the Vulnerable Software and Affected Versions: Campcodes Advanced Online Voting System version 1.0 Description: A vulnerability has been found in the system, classified as problematic. It affects unknown code of the file /admin/config save.php. The manipulation of the title argument leads...
Campcodes Advanced Online Voting System Cross-Site Scripting Vulnerability
Campcodes Advanced Online Voting System is an online voting system. A cross-site scripting vulnerability exists in Campcodes Advanced Online Voting System v1.0. The vulnerability stems from the lack of effective filtering and escaping of user-supplied data in the parameter title of the file...