Filtered by vendor Timgreen Subscriptions

Search

Switch to Advanced Search (Beta)
Total 8 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-50649 2 Python Book, Timgreen 2 Python Book, Python Book 2025-06-17 9.8 Critical
The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability.
CVE-2024-50650 2 Python Book, Timgreen 2 Python Book, Python Book 2025-06-17 7.5 High
python_book V1.0 is vulnerable to Incorrect Access Control, which allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter.
CVE-2024-50966 2 Dingfanzu, Timgreen 2 Cms, Dingfanzu Cms 2025-05-28 9.3 Critical
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addAdmin.
CVE-2024-48191 2 Dingfangzu, Timgreen 2 Dingfangzu, Dingfanzu Cms 2025-05-27 6.3 Medium
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=delAdmin&id=17
CVE-2024-48291 2 Dingfangzu, Timgreen 2 Dingfangzu, Dingfanzu Cms 2025-05-27 6.3 Medium
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=editAdmin&id=17
CVE-2024-48758 2 Dingfanzu, Timgreen 2 Cms, Dingfanzu Cms 2025-05-27 6.1 Medium
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code
CVE-2024-46485 2 Dingfanzu, Timgreen 2 Cms, Dingfanzu Cms 2025-05-27 6.3 Medium
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/doAdminAction.php?act=addCate
CVE-2024-46600 2 Dingfangzu, Timgreen 2 Dingfangzu, Dingfanzu Cms 2025-05-27 4.7 Medium
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/doAdminAction.php?act=delCate&id=31