CVE-2026-41175

Statamic is a Laravel and Git powered content management system CMS. Prior to versions 5.73.20 and 6.13.0, manipulating query parameters on Control Panel and REST API endpoints, or arguments in GraphQL queries, could result in the loss of content, assets, and user accounts. The Control Panel...

PT-2026-34198

Name of the Vulnerable Software and Affected Versions WWBN AVideo versions prior to 29.1 Description Multiple JSON endpoints under 'objects/' accept state-changing requests via $ REQUEST and $ GET without anti-CSRF tokens, origin checks, or referer checks. This allows a malicious page to perform...

Ektron CMS 9.10 SP1 (Build 9.1.0.184.1.114) - Cross-Site Request Forgery

Vulnerability type: Cross-site Request Forgery Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = TIMELINE – 07/04/2015: Vulnerability found – 07/04/2015: Vendor informed – 08/04/2015: Vendor responded and acknowledged - 01/05/2015: MITRE issued CVE...

Ektron CMS 9.10 SP1 - CSRF Vulnerability

Vulnerability type: Cross-site Request Forgery Vendor: http://www.ektron.com/ Product: Ektron Content Management System Affected version: = 9.10 SP1 Build 9.1.0.184.1.114 Patched version: 9.10 SP1 Build 9.1.0.184.1.120 CVE ID: CVE-2015-3624 Credit: Jerold Hoong PROOF OF CONCEPT CSRF Cross-site...