4 matches found
CVE-2026-9591
CVE-2026-9591 documents a CSRF vulnerability in the SimplCommerce News module. The issue is in the NewsItemApiController and allows an unauthenticated remote attacker to create or modify news items as an administrator by submitting a crafted form to /api/news-items, due to missing anti-CSRF prote...
Contao 安全漏洞
Contao is an open source Content Management System CMS developed in PHP by Contao Open Source. The system supports search engines, rights management, and CSS frameworks. A security vulnerability exists in Contao version 5.3.38 and versions prior to 5.6.1, which stems from an unfiltered protected...
Web Design Sydney SQL Injection
IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability Web Design Sydney news-item.php?id news-item.php?newsid AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.milkdigital.com.au/ Persian Gulf 4 Ever! Dork : "web design sydney...
CVE-2008-7060
Multiple cross-site scripting XSS vulnerabilities in One-News Beta 2 allow remote attackers to inject arbitrary HTML and web script via the 1 title or 2 content parameters in a news item to add.php, and the 3 itemnum, 4 author, or 5 comment parameters in a comment to index.php. NOTE: vectors 1 an...