18 matches found
EUVD-2020-10191
Malware in sbrugna...
EUVD-2020-10192
Malware in sbrugna...
CVE-2020-18265
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=actaddmember"...
CVE-2020-18264
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=acteditmember"...
Simple-Log Cross-Site Request Forgery Vulnerability
Simple-Log is an open source free blog system based on PHP+MySQL. A cross-site request forgery vulnerability exists in Simple-Log v1.6, which is caused by Simple-Log not adequately verifying that requests come from trusted users. The vulnerability can be exploited to gain privileges and execute...
Simple-Log Cross-Site Request Forgery Vulnerability (CNVD-2021-40777)
Simple-Log is an open source free blog system based on PHP+MySQL. A cross-site request forgery vulnerability exists in Simple-Log v1.6, which is caused by Simple-Log not adequately verifying that requests come from trusted users. The vulnerability can be exploited to gain privileges and execute...
CVE-2020-18264
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=acteditmember"...
CVE-2020-18265
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=actaddmember"...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=acteditmember"...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=actaddmember"...
CVE-2020-18265
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=actaddmember"...
CVE-2020-18265
The CVE-2020-18265 entry concerns Simple-Log v1.6, where a Cross-Site Request Forgery (CSRF) vulnerability exists in the admin workflow. The reported issue states that CSRF can allow remote attackers to gain privileges and execute arbitrary code via the component Simple-Log/admin/admin.php?act=ac...
CVE-2020-18264
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=acteditmember"...
CVE-2020-18264
CVE-2020-18264 affects the open‑source blog system Simple-Log v1.6 . The issue is a Cross‑Site Request Forgery (CSRF) vulnerability that allows remote attackers to gain privileges and execute arbitrary code via the URL path Simple-Log/admin/admin.php?act=act_edit_member (and variants referenced i...
Simple-Log 跨站请求伪造漏洞
Simple-Log is an open source free blog system based on PHP+MySQL. A cross-site request forgery vulnerability exists in Simple-Log v1.6, which is caused by Simple-Log not adequately verifying that requests come from trusted users. The vulnerability can be exploited to gain privileges and execute...
Simple-Log 跨站请求伪造漏洞
Simple-Log is an open source free blog system based on PHP+MySQL. A cross-site request forgery vulnerability exists in Simple-Log v1.6, which is caused by Simple-Log not adequately verifying that requests come from trusted users. The vulnerability can be exploited to gain privileges and execute...
simple-log v1. 3. 1 injection vulnerability-vulnerability warning-the black bar safety net
Simple-Log is based on the PHP+MySQL open source free blog system, The system is lightweight and runs fast and has good scalability. Program download ---------------------------------------------- Just buy a vps, looking to install a blog system, see simple-log relatively simple, it under the...
Simple-Log 1.2 delay injection vulnerability-vulnerability warning-the black bar safety net
Vulnerability file: /user.php ! Continue to follow issetmember a function of usage. The interception of the part of the code. /includes/base.function.php ! Not a deeper layer of the call, lest everyone see the mess. As long as the POST submitted in the admin +injected into the statement to make i...