24 matches found
Nextcloud Social app 访问控制错误漏洞
Nextcloud Nextcloud Social app is a social application from Nextcloud Germany. An access control error vulnerability exists in version 0.3.1 of the Nextcloud Social app. The vulnerability is related to the control system of the affected version not properly handling user access requests. There is...
idreamsoft iCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-12121)
iCMS is an efficient and simple content management system built with PHP and MySQL. A cross-site request forgery vulnerability exists in idreamsoft iCMS 7.0.14 and earlier versions, which can be exploited by an attacker to delete a user's posts via public/api.php?app=user URI...
Vanilla: Abusing "Report as abuse" functionality to delete any user's post.
Hi Team, Greetings!! Description: I would like to report a vulnerability that can be used to delete any user’s post by abusing “Report an abuse” function within application. After specific number of reports submitted to server, it automatically deletes that post of user. Application has...
Moodle CMS Multiple Vulnerabilities
This host is running Moodle CMS and is prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: gbmoodlecmsmultvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ Moodle CMS Multiple Vulnerabilities Authors: Sujit Ghosal Copyright: Copyright c 2009 Greenbone Networks GmbH,...