7 matches found
CVE-2020-21881
Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...
CVE-2020-21881
Cross Site Request Forgery CSRF vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add...
Cross site scripting
Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users...
CVE-2013-7474
Windu CMS 2.2 is affected by a Cross-Site Scripting (XSS) vulnerability. The flaw allows injection via the name parameter in admin/content/edit or admin/content/add, or via the username parameter in admin/users. The NVD records show a CVSS base score of 4.3 (CS: Partial integrity impact, Network ...
XiaoCms Cross-Site Request Forgery Vulnerability
XiaoCms is a lightweight content management system CMS based on PHP and MySQL and capable of running on Linux, Windows and other platforms. XiaoCms 20141229 version of admin/index.php?c=content&a=add&catid=3 URL has a cross-site request forgery vulnerability, which can be exploited by remote...
CVE-2018-19192
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the datacontent parameter...
Cross site request forgery (csrf)
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the datacontent parameter...