XSS/CSRF Remote Code Execution in XWiki.ConfigurableClass

Impact There is a reflected XSS or also direct remote code execution vulnerability in the code for displaying configurable admin sections. The code that can be passed through a URL parameter is only executed when the user who is visiting the crafted URL has edit right on at least one configuratio...

Remote code execution

XWiki Platform is a generic wiki platform. Starting in 2.3 and prior to versions 14.10.15, 15.5.2, and 15.7-rc-1, there is a reflected XSS or also direct remote code execution vulnerability in the code for displaying configurable admin sections. The code that can be passed through a URL parameter...

WBCE CMS 跨站脚本漏洞

WBCE CMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in WBCE CMS v1.5.4, which originates from a cross-site scripting XSS vulnerability in /admin/pages/sectionssave.php. The vulnerability can be exploited by an attacker to execute...

FlexWATCH Authentication Bypassing

There is a vulnerability in the current version of FlexWATCH that allows an attacker to access administrative sections without being required to authenticate. SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...