7 matches found
Umbraco CMS vulnerable to CSRF
The PageLoad function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery SSRF attacks via the url parameter...
GHSA-X34J-WXQ8-7VCM Umbraco CMS vulnerable to CSRF
The PageLoad function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery SSRF attacks via the url parameter...
CVE-2015-8813
The PageLoad function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery SSRF attacks via the url parameter...
Server side request forgery (ssrf)
The PageLoad function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery SSRF attacks via the url parameter...
CVE-2015-8813
The PageLoad function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery SSRF attacks via the url parameter...
SiteServer cms系统modal_UserView.aspx页面 sql注入漏洞
1.漏洞代码。 在Bin\UserCenter.Pages.dll文件中,UserCenter.BackgroundPages.Modal.UserView类的PageLoad方法中,可以见到如下代码: public void PageLoadobject sender, EventArgs e string text = base.Request.QueryString"UserName"; //获取UserName bool flag2; bool flag = flag2 ? 1u : 0u 4294967295u; ArrayList arrayList; if !flag if...
Zoomla 1.5 /guest/ask/MyAskList.aspx SQL注入漏洞
/Guest/ask/MyAskList.aspxprotected void PageLoadobject sender, EventArgs e string str = ""; if !base.IsPostBack DataTable table; if this.bUser.CheckLogin this.user.Text = this.bUser.GetLogin.UserName; string userName = this.bUser.GetLogin.UserName; str = " And UserName'" + userName + "'"; if...