4 matches found
Cross Site Request Forgery (CSRF)
phpMyFAQ/phpMyFAQ is vulnerable to cross-site request forgery CSRF. The vulnerability exists because it does not check CSRF token properly in user.php, allowing the attacker to delete any active user, to remove open questions, to manipulate FAQ and FAQ news, to add votes and to add or delete...
CVE-2004-2615
The documentation for CuteNews 1.3.6 and possibly other versions specifies that files under cutenews/data must be manually given world-writable permissions, which allows local users to insert false news, delete news, and possibly gain privileges or have other unknown impact...
UtilMind Solutions Site News 1.1 - Authentication Bypass
UtilMind Solutions Site News 1.1 - Authentication Bypass source: https://www.securityfocus.com/bid/11126/info Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error. An unauthenticated attacker can leverage th...
UtilMind Solutions Site News 1.1 - Authentication Bypass
source: https://www.securityfocus.com/bid/11126/info Reportedly UtilMind Solutions Site News is affected by an authentication bypass vulnerability. This issue is due to an access validation error. An unauthenticated attacker can leverage this issue to display and manipulate arbitrary news items...