CVE-2022-44387 EyouCMS V1.5.9-UTF8-SP1 had a CSRF vulnerability in the Basic Information component of the Edit Member module.
An attacker could exploit this issue to force the user to login via CSRF if they have access to the backend system. In certain cases,
CVE-2022-43323 EyouCMS V1.5.9-UTF8-SP1 was found to have a CSRF vulnerability in the Top Up Balance component.
This issue can be exploited to hijack the user's session if he/she has the same email address on the site as on
CVE-2022-43692 Reflected XSS can be exploited by a user if the targeted administrator is using an older browser that lacks XSS protection.
If you are running a version before 8.5.10 and are using a browser that supports XSS protection you must update to a version
CVE-2022-43693 - Concrete CMS CSRF Vulnerability in OAuth External Authentication Service
The CVE-2022-43693 vulnerability in Concrete CMS (a popular open-source content management system) exposes its users to a Cross-Site Request Forgery (CSRF) attack. This vulnerability stems
CVE-2022-3574 The WPForms Pro plugin before 1.7.7 does not validate form data when exporting, which could lead to CSV injection.
If a site administrator saved the generated CSV on a local hard drive and then transferred it to a different site via a file transfer,
Episode
00:00:00
00:00:00