Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2019-12362

Disclosure Date: May 27, 2019 (last updated November 27, 2024)
EmpireCMS 7.5.0 has XSS via the HTTP Referer header to e/member/doaction.php.
0
0
Attacker Value
Unknown

CVE-2019-12361

Disclosure Date: May 27, 2019 (last updated November 27, 2024)
EmpireCMS 7.5.0 has XSS via the from parameter to e/member/doaction.php, as demonstrated by a CSRF payload that changes the dynamic page template. The attacker can choose to resend the e/template/member/regsend.php registered activation mail page.
0
0