Kategori: NIST-Təhlükəsizlik Zəiflikləri

CVE-2023-0603

The Sloth Logo Customizer WordPress plugin through 2.0.2 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping,…

Devamını oku

CVE-2020-18131

Cross Site Request Forgery (CSRF) vulnerability in Bluethrust Clan Scripts v4 allows attackers to escilate privledges to an arbitrary account via a crafted request to…

Devamını oku

CVE-2020-18132

Cross Site Scripting (XSS) vulnerability in MIPCMS 3.6.0 allows attackers to execute arbitrary code via the category name field to categoryEdit. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2020-18282

Cross-site scripting (XSS) vulnerability in NoneCms 1.3.0 allows remote attackers to inject arbitrary web script or HTML via feedback feature. Zafiyet ile ilgili Genel Bilgi,…

Devamını oku

CVE-2020-19660

Cross Site Scripting (XSS) pandao editor.md 1.5.0 allows attackers to execute arbitrary code via crafted linked url values. Zafiyet ile ilgili Genel Bilgi, Etki ve…

Devamını oku

CVE-2020-21038

Open redirect vulnerability in typecho 1.1-17.10.30-release via the referer parameter to Login.php. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

Devamını oku

CVE-2020-22334

Cross Site Request Forgery (CSRF) vulnerability in beescms v4 allows attackers to delete the administrator account via crafted request to /admin/admin_admin.php. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2020-22755

File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943. Zafiyet ile ilgili Genel…

Devamını oku

CVE-2020-23966

SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request. Zafiyet…

Devamını oku