RSS   Vulnerabilities for 'Windu cms'   RSS

2019-08-01
 
CVE-2013-7474

CWE-79
 

 
Windu CMS 2.2 allows XSS via the name parameter to admin/content/edit or admin/content/add, or the username parameter to admin/users.

 
 
CVE-2013-7473

CWE-352
 

 
Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account.

 


Copyright 2024, cxsecurity.com

 

Back to Top