PT-2026-35056

Name of the Vulnerable Software and Affected Versions Zserio versions prior to 2.18.1 Description An issue exists in the readBytes and readString functions within BitStreamReader.h where the setBitPosition bounds check receives an overflowed value and is bypassed. This allows the system to attemp...

InstantCMS 跨站请求伪造漏洞

InstantCMS is a free open-source CMS developed by instantSoft. Versions of InstantCMS prior to 2.18.1 contained a cross-site request forgeing vulnerability. This vulnerability stemmed from the lack of validation of CSRF tokens, which could allow attackers to grant users admin privileges, execute...