📦 Pyrocms

PyroCMS 3.9 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code on affected systems. This remote code execution vulnerability affect...

This CSRF vulnerability in PyroCMS allows attackers to trick authenticated admin users into unknowingly deleting arbitrary plugins via a malicious link or webpage. It affects PyroCMS 3.7 installations...

PyroCMS v3.0.1 contains a stored cross-site scripting vulnerability in the admin redirects configuration. Attackers can inject malicious JavaScript into the 'Redirect From' field, which executes when ...