Lu0R3N

#16875 of 53,630
15.9 Total CVSS
Vulnerabilities · 2
High: 2
PT-2023-11647
7.1
2023-05-09
Unknown · Shop Cms Yershop · CVE-2020-23362
**Name of the Vulnerable Software and Affected Versions**
Shop CMS YerShop, all versions

**Description**
The issue allows a remote attacker to escalate privileges via the `cover id` parameter.

**Recommendations**
For all versions, consider restricting access to the `cover id` parameter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2023-11648
8.8
2023-05-09
Verytops · Verydows · CVE-2020-23363
**Name of the Vulnerable Software and Affected Versions**
Verytops Verydows, all versions

**Description**
A Cross Site Request Forgery (CSRF) issue allows an attacker to execute arbitrary code via a crafted script. This can potentially lead to unauthorized actions on the affected system.

**Recommendations**
For all versions, consider implementing proper CSRF token validation to prevent unauthorized requests. As a temporary workaround, restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.