CVE-2026-31954

CVE-2026-31954 affects Emlog prior to 2.6.7 (2.6.6 and earlier), where the delete_async action omits a call to LoginAuth::checkToken(), enabling CSRF attacks against asynchronous deletions. Root cause is the missing CSRF token validation in the delete path. Documented impact is CSRF exposure; no ...

Linux Distros Unpatched Vulnerability : CVE-2022-0335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The delete badge alignment functionality...

BIT-JOOMLA-2020-35615 [20201106] - Core - CSRF in com_privacy emailexport feature

An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of comprivacy causes a CSRF vulnerability...

CVE-2023-43275

Cross-Site Request Forgery CSRF vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalogadd.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form...