EUVD-2026-31369

Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/backend/file star. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks Yonatan Dror...

Concrete CMS 跨站请求伪造漏洞

Concrete CMS is an open-source content management system developed by Concrete CMS. Versions prior to Concrete CMS 9.5.0 had a cross-site request forgeing vulnerability. This vulnerability stemmed from the concrete/controllers/backend/file function, which was vulnerable to cross-site request...

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

CVE-2022-28058

Verydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \backend\filecontroller.php...

Verydows 路径遍历漏洞

Verydows is a lightweight open source e-commerce management system developed using the PHP language . Verydows v2.0 has a security vulnerability , the attacker can ackendfilecontroller.php for arbitrary file deletion...