8 matches found
CVE-2026-9591
Cross-site request forgery CSRF in NewsItemApiController in SimplCommerce prior to commit 6233d73e allows an unauthenticated remote attacker to create or modify news items as an administrator via a crafted form submitted to /api/news-items, due to missing anti-CSRF protection...
CVE-2026-9591
CVE-2026-9591 documents a CSRF vulnerability in the SimplCommerce News module. The issue is in the NewsItemApiController and allows an unauthenticated remote attacker to create or modify news items as an administrator by submitting a crafted form to /api/news-items, due to missing anti-CSRF prote...
EUVD-2026-37710
Cross-site request forgery CSRF in NewsItemApiController in SimplCommerce prior to commit 6233d73e allows an unauthenticated remote attacker to create or modify news items as an administrator via a crafted form submitted to /api/news-items, due to missing anti-CSRF protection...
CVE-2026-9591 Cross-Site Request Forgery (CSRF) in SimplCommerce News Module
Cross-site request forgery CSRF in NewsItemApiController in SimplCommerce prior to commit 6233d73e allows an unauthenticated remote attacker to create or modify news items as an administrator via a crafted form submitted to /api/news-items, due to missing anti-CSRF protection...
EUVD-2008-5251
Malware in sbrugna...
EUVD-2006-6563
Malware in sbrugna...
Improper Access Control
contao/contao is vulnerable to Improper Access Control. The vulnerability is due to news feeds not filtering protected news archives, which allows an attacker to access and view restricted news items through the public RSS feed...
UtilMind Solutions Site News 1.1 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11126/info Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error. An unauthenticated attacker can leverage this issue to display and...