7 matches found
EUVD-2017-18605
Malware in sbrugna...
CVE-2017-9673
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
CVE-2017-9674
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
Cross site scripting
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
CVE-2017-9674
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
Cross site request forgery (csrf)
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
CVE-2017-9673
CVE-2017-9673 affects SimpleCE 2.3.0 and arises from a Cross-Site Request Forgery (CSRF) vulnerability. The issue enables an attacker to add an administrator account (via index.php/user/new) or modify administrator settings, including the password (via index.php/user/1). Documents consistently de...