GHSA-MPV3-G527-FQRJ Cloud Foundry Runtime Cross-Site Request Forgery vulnerability

Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry PCF Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery CSRF attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF checks...

newsPHP file inclusion & bad login validation

newsPHP arbitary file inclusion & bad login validation ===+++===+++===+++ Product: newsPHP Version: = v216 Vendor: http://www.nphp.net Author: Officerrr [email protected] Discover by: Officerrr [email protected] Vendor Response: Not contacted yet... ===+++===+++===+++ Problem 1:...