6 matches found
CVE-2020-19159
Cross Site Request Forgery CSRF in LaikeTui v3 allows remote attackers to execute arbitrary code via the component '/index.php?module=member&action=add'...
LaikeTui 跨站请求伪造漏洞
LaikeTui Laike E-commerce is a stable and small open source mall system for individual developers. LaikeTui suffers from a cross-site request forgery vulnerability, which stems from cross-site request forgery CSRF in LaikeTui v3 that allows remote attackers to execute arbitrary code via the...
YzmCMS YzmCMS 跨站请求伪造漏洞
YzmCMS is a lightweight open source content management system based on PHP+Mysql architecture developed by Yuan Zhimeng alone. YzmCMS 5.8 version of the existence of cross-site request forgery vulnerability, the attacker can be member/member/add.html through the use of this vulnerability to add...
CVE-2018-20603
Lei Feng TV CMS aka LFCMS 3.8.6 allows admin.php?s=/Member/add.html CSRF...
SRCMS Cross-Site Request Forgery Vulnerability (CNVD-2018-17521)
SRCMS is a security emergency response and defect management software. A cross-site request forgery vulnerability exists in SRCMS version 2.3.1. An attacker can exploit this vulnerability by adding a user account via admin.php?m=Admin&c=member&a=add...
WordPress ShopperPress v2.7 Cross Site Scripting / SQL Injection
Exploit for php platform in category web applications ShopperPress v2.7 Wordpress - Cross Site Vulnerabilities Details: ======== Multiple non persistent cross site scripting vulnerabilities are detected in the Shopperpress Premium Wordpress Theme and Addon v2.7. The vulnerability allows remote...