EUVD-2026-33615

SOPlanning is vulnerable to Cross‑Site Request Forgery CSRF in groupesave create, modify and delete endpoints. An attacker can craft a malicious website that, when visited by an authenticated user, automatically sends a forged GET or POST request to the application. This issue affects SOPlanning...

CVE-2025-50581

MRCMS v3.1.2 was discovered to contain a cross-site scripting XSS vulnerability via the component /admin/group/save.do...

MRCMS 安全漏洞

MRCMS is a content management system by the individual developers at marker. A security vulnerability exists in MRCMS version 3.1.2, which stems from mishandling of the component /admin/group/save.do, which could lead to a cross-site scripting attack...

CVE-2024-22593

FlyCms v1.0 contains a Cross-Site Request Forgery CSRF vulnerability via /system/admin/addgroupsave...

Synology Surveillance Station SQL注入漏洞

Synology Surveillance Station is an application from Synology, a Chinese company. It provides intelligent monitoring and video management tools to protect your valuable assets. A SQL injection vulnerability previously existed in Synology Surveillance Station version 9.2.0-11289, which stemmed fro...

CVE-2024-22699

FlyCms v1.0 contains a Cross-Site Request Forgery CSRF vulnerability via /system/admin/updategroupsave...

CVE-2024-22591

FlyCms v1.0 contains a Cross-Site Request Forgery CSRF vulnerability via /system/user/groupsave...

CVE-2024-22593

FlyCms v1.0 contains a Cross-Site Request Forgery CSRF vulnerability via /system/admin/addgroupsave...

PT-2024-19498 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It occurs via the "/system/admin/add group save" API endpoint. This allows for potentially unauthorized actions to be performed on behalf of an...

PT-2024-19496 · Flycms · Flycms

Name of the Vulnerable Software and Affected Versions: FlyCms version 1.0 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. It can be exploited via the /system/user/group save API endpoint. Recommendations: For FlyCms version 1.0, as a temporary workaround, consider...

FlyCms Security Vulnerability

sunkaifei FlyCms is sunkaifei open source application . A similar to Zhihu to Q&A based on the fully open source JAVA language development of social networking site builder . FlyCms security vulnerabilities , the vulnerability stems from /system/user/groupsave location cross-site request forgery...

FlyCms Security Vulnerability

sunkaifei FlyCms is sunkaifei open source application . A similar to Zhihu to Q&A based on the fully open source JAVA language development of social networking site builder . FlyCms security vulnerabilities , the vulnerability stems from /system/admin/updategroupsave location cross-site request...

CVE-2024-22593

FlyCms v1.0 contains a Cross-Site Request Forgery CSRF vulnerability via /system/admin/addgroupsave...

FlyCms 安全漏洞

FlyCms is sunkaifei open source an application . A similar to Zhihu to Q&A based on the fully open source JAVA language development of social network building program . FlyCms cross-site request forgery vulnerability , the vulnerability stems from /system/admin/addgroupsave location does not...

CVE-2018-16365

An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF...