4 matches found
CVE-2022-34161
IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 229331...
Gutenberg & Elementor Templates Importer For Responsive < 2.2.6 - Unprotected AJAX Endpoints
These flaws allowed any authenticated user, regardless of privilege level, the ability to execute various AJAX actions 23 that could reset site data, inject malicious JavaScript in pages, modify theme customizer data, import .xml and .json files, and activate plugins, among many other actions. Po...
Miscellaneous actions are vulnerable to CSRF
This issue is to track the following subset of actions from CONF-27690: StartClusterAction, execute ExternalUserConnectivityAction, execute HandleNameConflictsAction, execute FlushIndexQueueAction, execute ContentRemigrationAction, execute...
PT-2006-4418 · Invision · Invision Power Board
Name of the Vulnerable Software and Affected Versions: Invision Power Board versions 1.x through 2.x Description: Multiple SQL injection vulnerabilities allow remote attackers to execute arbitrary SQL commands via various parameters in different actions in index.php and coins_list.php. The...