CVE-2018-14519 An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw
The vulnerability can be exploited by remote attackers via CSRF cookies. The security issue affects all users using the delete pages functionality.
CVE Solution -
CVE-2022-38089 Exment stored cross-site scripting vulnerability in v5.0.2 and earlier and v3.0.0 and earlier, v4.4.2 and earlier, and v2.2.2 and earlier.
Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment
CVE-2022-38463 ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality.
Logging out from one customer profile will reflect on any other customer profile. This can lead to a situation where a malicious customer could potentially
CVE-2022-29468 CSRF vulnerability in WWBN AVideo 11.6 and dev master commit 3f7c0364 allows HTTP requests to increase privileges.
To exploit this vulnerability, an attacker must trick a user into clicking a crafted link. For example, attackers can host a website on a server
CVE-2022-2388 The WP Coder plugin before 2.5.3 didn't have CSRF check when deleting code, which could allow attackers to make a logged in admin delete arbitrary ones.
Multiple logged in users can also delete code in a project. WordPress 4.7 fixes this vulnerability by including CSRF protection for actions that can
Episode
00:00:00
00:00:00