CVE-2024-39945

A vulnerability has been found in Dahua products. After obtaining the administrator's username and password, the attacker can send a carefully crafted data packet to the interface with vulnerabilities, causing the device to crash...

Improper Authorization

Streampark is vulnerable to Improper Authorization. The vulnerability is due to the Backend service returning "Authorization" as the front-end authentication credential upon successful login, allowing users to request other users' information, including the administrator's username, password, and...

Cross site request forgery (csrf)

A Cross-site request forgery CSRF vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password...

CVE-2022-30898

A Cross-site request forgery CSRF vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password...

CVE-2018-18712

An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1...

CVE-2018-18712

An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1...

Cross site request forgery (csrf)

An issue was discovered in CScms v4.1. A Cross-site request forgery CSRF vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpasssave...

CVE-2018-11527

An issue was discovered in CScms v4.1. A Cross-site request forgery CSRF vulnerability in plugins/sys/admin/Sys.php allows remote attackers to change the administrator's username and password via /admin.php/sys/editpasssave...