Show filters
22 Total Results
Displaying 21-22 of 22
Sort by:
Attacker Value
Unknown

CVE-2019-13086

Disclosure Date: June 30, 2019 (last updated November 27, 2024)
core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/login/check SQL injection by sending a crafted HTTP User-Agent header and omitting the csrf_csz parameter.
0
0
Attacker Value
Unknown

CVE-2019-7566

Disclosure Date: February 07, 2019 (last updated November 27, 2024)
CSZ CMS 1.1.8 has CSRF via admin/users/new/add.
0
0
View More Topics  < Previous