2 matches found
CVE-2020-18264
CVE-2020-18264 affects the open‑source blog system Simple-Log v1.6 . The issue is a Cross‑Site Request Forgery (CSRF) vulnerability that allows remote attackers to gain privileges and execute arbitrary code via the URL path Simple-Log/admin/admin.php?act=act_edit_member (and variants referenced i...
CVE-2020-18265
The CVE-2020-18265 entry concerns Simple-Log v1.6, where a Cross-Site Request Forgery (CSRF) vulnerability exists in the admin workflow. The reported issue states that CSRF can allow remote attackers to gain privileges and execute arbitrary code via the component Simple-Log/admin/admin.php?act=ac...