12 matches found
CVE-2024-45265
A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...
CVE-2024-45264
A cross-site request forgery CSRF vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges...
CVE-2024-45264
A cross-site request forgery CSRF vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges...
CVE-2024-45264
A cross-site request forgery CSRF vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges...
CVE-2024-45264
A cross-site request forgery CSRF vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges...
CVE-2024-45264
A cross-site request forgery CSRF vulnerability in the admin panel in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to add a new administrator, leading to escalation of privileges...
SkySystem Arfa-CMS 安全漏洞
SkySystem Arfa-CMS is a content management system from SkySystem, Inc. A security vulnerability exists in SkySystem Arfa-CMS version 5.1.3124 and prior versions, which stems from a cross-site request forgery CSRF vulnerability in the admin panel...
CVE-2024-45265
A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...
CVE-2024-45265
A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...
CVE-2024-45265
A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...
CVE-2024-45265
A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...
CVE-2024-45265
CVE-2024-45265 affects SkySystem Arfa-CMS before 5.1.3124. The vulnerability is a SQL injection in the poll component, exploitable via the psid parameter to allow remote attackers to execute arbitrary SQL commands. Root cause is improper handling of user-supplied psid data in the poll module, lea...