Noth

**Name of the Vulnerable Software and Affected Versions** Pixelimity version 1.0 **Description** The issue is related to cross-site request forgery. It affects the "admin/setting.php" endpoint, specifically the `Password` parameter. **Recommendations** For Pixelimity version 1.0, consider restricting access to the "admin/setting.php" endpoint to minimize the risk of exploitation. As a temporary workaround, avoid using the `Password` parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CMSUno versions prior to 1.6.1 **Description** An issue was discovered that allows Cross-Site Request Forgery (CSRF) attacks to change the admin password through the uno.php file. **Recommendations** For versions prior to 1.6.1, update to version 1.6.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the uno.php file to minimize the risk of exploitation.