CVE-2026-27741

Bludit version 3.16.1 contains a cross-site request forgery CSRF vulnerability in the /admin/uninstall-plugin/ and /admin/install-theme/ endpoints. The application does not implement anti-CSRF tokens or other request origin validation mechanisms for these administrative actions. An attacker can...

FreePBX 路径遍历漏洞

FreePBX formerly known as Asterisk Management Portal is a suite of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A path traversal vulnerability exists in FreePBX versions 15, 16, and 17, which stems from a malicious...

ChinaSoft Unified Terminal Security Management System Client Arbitrary Uninstallation Vulnerability

ChinaSoft Unified Terminal Security Management System is a comprehensive system management software that can guarantee system security. With the loophole of arbitrary uninstallation of the client of ChinaSoft Unified Terminal Security Management System, ordinary users who do not have administrato...

gpEasy 1.6.1 Cross Site Request Forgery

============================================= gpEasy Date : 04-29-2010 Site : http://www.giudinvx.altervista.org/ Location : Naples, Italy -------------------------------------------------------- Application Info Site : http://www.gpeasy.com/ Version: 1.6.1...