WordPress FuseWP plugin unauthorized data modification vulnerability

WordPress FuseWP plugin is a WordPress plugin for creating and managing multilingual websites. WordPress FuseWP plugin suffers from an unauthorized modification of data vulnerability that stems from a lack of capability check in the savechanges function, which can be exploited by an attacker to a...

Flatnux CMS 2011 08.09.2 CSRF / XSS / Directory Traversal

Title: ====== Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities Date: ===== 2012-04-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=487 VL-ID: ===== 487 Introduction: ============= Flatnux is no database CMS for accessible websites, corporate websites, e-commer...