PT-2024-31521 · Skysystem · Skysystem Arfa-Cms

Name of the Vulnerable Software and Affected Versions: SkySystem Arfa-CMS versions prior to 5.1.3124 Description: A cross-site request forgery CSRF vulnerability in the admin panel allows remote attackers to add a new administrator, leading to escalation of privileges. This issue enables attacker...

SkySystem Arfa-CMS 安全漏洞

SkySystem Arfa-CMS is a content management system from SkySystem, Inc. A security vulnerability exists in SkySystem Arfa-CMS version 5.1.3124 and prior versions, which stems from a cross-site request forgery CSRF vulnerability in the admin panel...

CVE-2024-45265

A SQL injection vulnerability in the poll component in SkySystem Arfa-CMS before 5.1.3124 allows remote attackers to execute arbitrary SQL commands via the psid parameter...

PT-2024-31522 · Skysystem · Arfa-Cms

Name of the Vulnerable Software and Affected Versions: SkySystem Arfa-CMS versions prior to 5.1.3124 Description: A SQL injection issue in the poll component allows remote attackers to execute arbitrary SQL commands via the psid parameter. This enables attackers to manipulate database queries,...