12 matches found
CVE-2022-41473
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
CVE-2022-41474
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
CVE-2022-41473
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
Cross site scripting
RPCMS v3.0.2 was discovered to contain a reflected cross-site scripting XSS vulnerability in the Search function...
Cross site request forgery (csrf)
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
Cross site request forgery (csrf)
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...
CVE-2022-41473
RPCMS 3.0.2 contains a reflected Cross-Site Scripting (XSS) vulnerability in the Search function. An attacker can inject arbitrary script in the victim’s browser, potentially stealing cookie-based credentials and enabling additional browser-based attacks. Affected product: RPCMS 3.0.2; vulnerabil...
CVE-2022-41474
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily change the password of any account...
CVE-2022-41475
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...
CVE-2022-41475
RPCMS v3.0.2 is affected by a Cross-Site Forgery (CSRF) vulnerability that allows attackers to arbitrarily add an administrator account. The incident is documented across multiple sources (NVD CVE-2022-41475, Red Hat, PRion, CNNVD, CVE listings) with a common description. The CVSS v3.1 base score...
CVE-2022-41475
RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add an administrator account...
CVE-2022-41474
RPCMS v3.0.2 is affected by a Cross-Site Request Forgery (CSRF) that allows attackers to arbitrarily change the password of any account. The CVE entry documents this CSRF issue as the underlying vulnerability; there are no public details in the provided documents about the exact root cause, affec...