CVE-2021-44120

SPIP 4.0.0 is affected by a Cross Site Scripting XSS vulnerability in ecrire/public/interfaces.php, adding the function safehtml to the vulnerable fields. An editor is able to modify his personal information. If the editor has an article written and available, when a user goes to the public site...

jobsitepro-xsrf.txt

JobSitePro CSRF Vulnerability By: e.wiZz! Info: Bosnian Idiot FTW! Blog: infected.blogger.ba In the wild... Site: http://phplabs.com/demo/jobsitepro/ CSRF on demo site:...