CVE-2025-69564

code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExAddNewUser.php via the Name, Address, email, UserName, Password, confirmpassword, Role, Branch, and Activate parameters...

CVE-2025-69564

The CVE-2025-69564 entry affects code-projects Mobile Shop Management System 1.0, with a SQL Injection vulnerability in /ExAddNewUser.php. The issue stems from unsafely handling input parameters Name, Address, email, UserName, Password, confirm_password, Role, Branch, and Activate, enabling poten...

CVE-2025-69564

code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExAddNewUser.php via the Name, Address, email, UserName, Password, confirmpassword, Role, Branch, and Activate parameters...

CVE-2025-69564

code-projects Mobile Shop Management System 1.0 is vulnerable to SQL Injection in /ExAddNewUser.php via the Name, Address, email, UserName, Password, confirmpassword, Role, Branch, and Activate parameters...

CVE-2018-25149 Microhard Systems IPn4G 1.1.0 Cross-Site Request Forgery via Web Interface

Microhard Systems IPn4G 1.1.0 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user consent. Attackers can craft malicious web pages to change admin passwords, add new users, and modify system settings by tricking authenticated...

CVE-2025-10352

The CVE-2025-10352 entry details an unauthenticated vulnerability in Melis Platform’s melis-core, allowing an attacker to create an administrator account via /melis/MelisCore/ToolUser/addNewUser. Affected: Melis Platform melis-core module; impact is unauthorized admin creation with potential full...

Melis Platform 安全漏洞

Melis Platform is an open source cross-framework digital platform from Melis Platform Open Source. A security vulnerability exists in Melis Platform, which originates in the melis-core module and allows an unauthenticated attacker to create an administrator account by requesting...

PT-2025-41245

Name of the Vulnerable Software and Affected Versions Melis Platform affected versions not specified Description A flaw exists in the melis-core module that allows an unauthenticated attacker to create an administrator account. This is achieved by sending a request to the...

EUVD-2020-5672

Malware in sbrugna...

CVE-2022-45215

A cross-site scripting XSS vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module...

CVE-2023-1359

A vulnerability has been found in SourceCodester Gadget Works Online Ordering System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /philosophy/admin/user/controller.php?action=add of the component Add New User. The manipulation of the argument UNAME leads ...

PT-2023-16926 · Sourcecodester · Sourcecodester Gadget Works Online Ordering System

Name of the Vulnerable Software and Affected Versions: SourceCodester Gadget Works Online Ordering System version 1.0 Description: A vulnerability has been found in the SourceCodester Gadget Works Online Ordering System, affecting the component Add New User. The issue is related to the manipulati...

CVE-2022-45215

A cross-site scripting XSS vulnerability in Book Store Management System v1.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the Add New System User module...

WellCMS 跨站请求伪造漏洞

WellCMS is an open source, billion-load, mobile-leaning, lightweight, super-responsive, high-load CMS that is the best choice for large data volumes and high concurrent access websites. Users - Create User - Add New User does not sufficiently verify that the request is from a trusted user. An...

Pharmacy Point of Sale System 1.0 - (Add New User) Cross-Site Request Forgery Vulnerability

Exploit Title: Pharmacy Point of Sale System 1.0 - 'Add New User' Cross-Site Request Forgery CSRF Exploit Author: Murat DEMIRCI @butterflyhunt3r Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

webTareas 跨站请求伪造漏洞

webTareas is a web-based open source collaboration tool. The product supports features such as project management, bug tracking, content management and meeting management. A security vulnerability exists in webTareas, which can be exploited by an attacker to create a new administrative profile, a...

CVE-2020-21357

A stored cross site scripting XSS vulnerability in /admin.php?mod=user&act=addnew of PopojiCMS 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the E-Mail field...

CVE-2020-13418

OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...

Design/Logic Flaw

OpenIAM before 4.2.0.3 allows XSS in the Add New User feature...

CVE-2020-13418

CVE-2020-13418 affects OpenIAM prior to 4.2.0.3, where the vulnerability is a cross-site scripting (XSS) issue in the Add New User feature. Multiple connected sources (NVD/NVDC CNVD/CNNVD) confirm the impact as XSS in that feature and version range, but they do not provide exploit details, affect...