11 matches found
EUVD-2021-30645
Malicious code in bioql PyPI...
EUVD-2021-30644
Malicious code in bioql PyPI...
xiaohuanxiong CMS SQL注入漏洞
xiaohuanxiong is an open source comic CMS by guoguo individual developers. xiaohuanxiong version 1.0 is vulnerable to SQL injection, which originates from the id parameter in /app/controller/Books.php. No detailed vulnerability details are available...
xiaohuanxiong CMS cross-site request forgery vulnerability
xiaohuanxiong CMS is a comic book CMS. xiaohuanxiong CMS version 5.0.17 is vulnerable to cross-site request forgery, which stems from a WEB application that does not sufficiently validate that the request is from a trusted user. An attacker could use this vulnerability to modify the password of t...
CVE-2021-43737
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password...
Cross site request forgery (csrf)
An issus was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can modify administrator account's password...
CVE-2021-43738
An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that can add the administrator account...
CVE-2021-43737
CVE-2021-43737 affects xiaohuanxiong CMS 5.0.17. The issue is a cross-site request forgery (CSRF) in the WEB application that allows an attacker to modify the password of the administrator account. Root cause described in sources is insufficient validation that requests originate from a trusted u...
CVE-2021-43738
CVE-2021-43738 affects xiaohuanxiong CMS 5.0.17 and stems from a cross-site request forgery (CSRF) flaw that can be exploited to add an administrator account. Sources from CVE entries describe the vulnerability and its impact as user account elevation through CSRF, with CVSS details indicating hi...
CVE-2021-43738
An issue was discovered in xiaohuanxiong CMS 5.0.17. There is a CSRF vulnerability that can that can add the administrator account...
xiaohuanxiong CMS 跨站请求伪造漏洞
xiaohuanxiong CMS is a comic book CMS. xiaohuanxiong CMS version 5.0.17 is vulnerable to cross-site request forgery, which stems from a WEB application that does not sufficiently validate that the request is from a trusted user. An attacker could use this vulnerability to modify the password of t...