JTBC (PHP) Cross-Site Request Forgery Vulnerability (CNVD-2018-26794)

JTBC PHP is an open source CMS Content Management System. A cross-site request forgery vulnerability exists in JTBC PHP version 3.0.1.7. A remote attacker can exploit this vulnerability to perform unauthorized operations with the help of console/xml/manage.php?type=action&action=edit URI...

JTBC(PHP) Cross-Site Request Forgery Vulnerability

JTBC PHP is an open source CMS Content Management System. JTBCPHP 3.0.1.7 version of aboutus/manage.php?type=action&action=add cross-site request forgery vulnerability, remote attackers can use the vulnerability to perform unauthorized operations...

PT-2018-5062 · Processmaker · Processmaker Enterprise Core

Name of the Vulnerable Software and Affected Versions: ProcessMaker Enterprise Core version 3.0.1.7-community Description: The issue allows for SQL Injection attacks through specially crafted web requests. An attacker can exploit this by sending a web request with parameters containing SQL...