18 matches found
CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
EUVD-2022-45531
Malicious code in bioql PyPI...
Path traversal
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
PT-2022-26441 · Bingo!Cms · Bingo!Cms
Name of the Vulnerable Software and Affected Versions: bingo!CMS versions 1.7.4.1 and earlier Description: The issue allows a remote unauthenticated attacker to upload an arbitrary file, potentially leading to the execution of an arbitrary script or alteration of a file. This is due to an...
CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered. Recent assessments: Assessed Attacker...
CVE-2022-42458
CVE-2022-42458 affects bingo!CMS versions 1.7.4.1 and earlier, where an authentication bypass vulnerability in management functions allows remote, unauthenticated attackers to upload arbitrary files, potentially enabling arbitrary script execution or file modification. The Red Hat and JVN entries...
bingo!CMS vulnerable to authentication bypass
Overview bingo!CMS provided by Shift Tech Inc. contains an authentication bypass vulnerability CWE-288 in some of the management functions. Shift Tech Inc. states that attacks exploiting this vulnerability have been observed. Shift Tech Inc. reported this vulnerability to IPA to notify users of i...
VulnCheck KEV: CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
JVN#74592196: bingo!CMS vulnerable to authentication bypass
bingo!CMS provided by Shift Tech Inc. contains an authentication bypass vulnerability CWE-288 in some of the management functions. Shift Tech Inc. states that attacks exploiting this vulnerability have been observed. Impact Accessing a specific URL directly may allow a remote unauthenticated...
CVE-2009-3022
Cross-site request forgery CSRF vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors...
CVE-2009-3022
CVE-2009-3022 describes a cross-site request forgery vulnerability in bingo!CMS up to version 1.2. The issue could allow an attacker to hijack a logged-in user’s session to perform requests that modify configuration or content. The core impacted component is bingo!CMS (core and likely the 1.2 ser...
CVE-2009-3022
Cross-site request forgery CSRF vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors...
CVE-2009-3022
Cross-site request forgery CSRF vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors...
PT-2009-5362 · Bingo! · Bingo!Cms
Name of the Vulnerable Software and Affected Versions: bingo!CMS versions 1.2 and earlier Description: A cross-site request forgery issue allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content. Recommendations: For versions 1.2...
bingo!CMS core and bingo!CMS vulnerable to cross-site request forgery
Overview bingo!CMS core and bingo!CMS contain a cross-site request forgery vulnerability. bingo!CMS core and bingo!CMS are content management systems CMS. bingo!CMS core and bingo!CMS contain a cross-site request forgery vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC...