CVE-2023-45903

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/label/delete...

CVE-2018-16639

Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation...

CVE-2023-45903

Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/label/delete...

Dreamer CMS Cross-Site Request Forgery Vulnerability

Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A security vulnerability exists in Dreamer CMS version v4.1.3. An attacker can exploit this vulnerability to conduct cross-site request forgery CSRF attacks via the component /admin/label/delete...

PT-2023-29757 · Unknown · Dreamer Cms

Name of the Vulnerable Software and Affected Versions: Dreamer CMS version 4.1.3 Description: A Cross-Site Request Forgery CSRF issue was discovered in Dreamer CMS via the /admin/label/delete component. This allows for unauthorized actions to be performed on behalf of a user. Recommendations: For...

CVE-2022-29684

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Label/jsdel...

CVE-2018-16639

Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation...

CVE-2018-16639

Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation...

Cross site scripting

Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation...

CVE-2018-16639

Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation...

CVE-2018-16639

CVE-2018-16639 affects Typesetter 5.1. The vulnerability allows a Cross-Site Scripting (XSS) attack via the index.php/Admin LABEL parameter during new page creation, stemming from insufficient validation of client-side data. Public sources (NVD, RH/Red Hat, OSV, CNVD, CVE List, etc.) consistently...