CVE-2026-24309 Missing Authorization check in SAP NetWeaver Application Server for ABAP

Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...

Kirby 安全漏洞

Kirby is a file-based content management system CMS from Kirby Open Source. A security vulnerability exists in Kirby versions 5.0.0 through 5.2.1, which stems from a lack of permission checking in the Content Change API that could lead to unauthorized changes...

EUVD-2025-204651

The Frontend Post Submission Manager Lite plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.2.5. This is due to missing authorization checks on the post update functionality in the fpsmlformprocess AJAX action. This makes it possible for...

EUVD-2020-23718

Malware in sbrugna...

SUSE CVE-2020-8619

In ISC BIND9 versions BIND 9.11.14 - 9.11.19, BIND 9.14.9 - 9.14.12, BIND 9.16.0 - 9.16.3, BIND Supported Preview Edition 9.11.14-S1 - 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an...

Important: rubygem-nokogiri

Issue Overview: A flaw was found in the rubygem-nokogiri package. This flaw allows malicious users to change partial contents or configurations on the system. Additionally, this vulnerability can also cause a limited denial of service in the form of interruptions in resource availability...

EUVD-2022-42551

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow allow them to change the content of arbitrary files on the web server...

Spoofing

Insecure direct object references IDOR vulnerability in ExpressTech Quiz And Survey Master plugin = 7.3.4 at WordPress allows attackers to change the content of the quiz...

Oci Distribution-Spec 代码问题漏洞

Oci Distribution-Spec is an Oci distribution specification. A code issue vulnerability exists in Oci Distribution-Spec that stems from the product's use of the Content-Type header to determine the document type, among other actions. An attacker could use this vulnerability to cause text content t...

CVE-2020-36140

BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery CSRF via 'mode=settings&page=editor', as demonstrated by use of 'mode=settings&page=editor' to change any file content Locally/Remotely...

CVE-2020-36140

BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery CSRF via 'mode=settings&page=editor', as demonstrated by use of 'mode=settings&page=editor' to change any file content Locally/Remotely...

Cross site request forgery (csrf)

BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery CSRF via 'mode=settings&page=editor', as demonstrated by use of 'mode=settings&page=editor' to change any file content Locally/Remotely...

WordPress Display Widgets Plugin Spammers Backdoor

A backdoor vulnerability exists in WordPress Display Widgets Plugin. Successful exploitation of this vulnerability allows remote attackers to change the effected site's content...

SkyPortal Downloads Manager 1.1 - Remote Contents Change Vuln

No description provided by source. @=======================================@ ====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG===== @=======================================@ @=Author : ByALBAYX @=Website : WWW.C4TEAM.ORG @=From : Turkish @=======================================@ @=Script :SkyPortal...

TCPDB 3.8 - Remote Content Change Bypass Vulnerabilities

No description provided by source. Securitylab.ir Application Info: Name: TCPDB Version: 3.8 Website: http://www.tcpdb.com/ Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Remote Contents Change...

CVE-2012-1216

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that 1 upload a file via an add action or 2 change the contents of a file via a dit action...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that 1 upload a file via an add action or 2 change the contents of a file via a dit action...

CVE-2009-3022

Cross-site request forgery CSRF vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors...

TCPDB 3.8 Remote Content Change Bypass Vulnerabilities

No description provided by source. Securitylab.ir Application Info: Name: TCPDB Version: 3.8 Website: http://www.tcpdb.com/ Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Remote Contents Change...

TCPDB 3.8 - Remote Content Change Bypass

TCPDB 3.8 - Remote Content Change Bypass Securitylab.ir Application Info: Name: TCPDB Version: 3.8 Website: http://www.tcpdb.com/ Discoverd By: Securitylab.ir Website: http://securitylab.ir Contacts: adminatsecuritylab.ir & info@securitylabdotir Vulnerability Info: Type: Remote Contents Change...