CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

EyouCMS V1.5.9 was discovered to contain multiple Cross-Site Request Forgery (CSRF) vulnerabilities via the Members Center, Editorial Membership, and Points Recharge components.

A security vulnerability exists in EyouCMS V1.5.9 in the backend, Members Center, Editing Membership, and Points Top-up.

1.  Enter the background - > member center - > edit member - > points recharge, as shown in the figure:  
      
      
    
2.  Grab the recharge request package and construct it, as shown below:  
    
3.  Open and enter the background page in the browser to view the user test01 points:  
      
    
4.  Click on the constructed web page:  
      
      
    The figure above shows the page that automatically jumps after successful execution to check whether the points have increased:

Headline

CVE-2022-41500: EyouCMS v1.5.9 has a vulnerability, Cross-site request forgery(CSRF) · Issue #27 · weng-xianhu/eyoucms

CVE: Latest News