Lucene search
K

416 matches found

CNNVD
CNNVD
added 2024/10/29 12:0 a.m.4 views

AquilaCMS 安全漏洞

AquilaCMS is a complete multipurpose open source CMS from the AquilaCMS team. A security vulnerability exists in AquilaCMS version 1.409.20 and prior versions that originates from user input that is not adequately validated by the Add a user feature. This allows an unauthenticated attacker to...

5.3CVSS6.7AI score0.0043EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2024/09/23 12:0 a.m.334 views

Quiz Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Quiz Management System v1.0 CSRF Add user Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 130.0...

7.4AI score
Exploits0
OSV
OSV
added 2024/08/30 3:15 p.m.4 views

CVE-2024-8341

A vulnerability classified as critical was found in SourceCodester Petshop Management System 1.0. This vulnerability affects unknown code of the file /controllers/adduser.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be initiated remotely. The exploit h...

9.8CVSS5.5AI score0.00721EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/08/30 12:0 a.m.8 views

PT-2024-38956 · Sourcecodester · Sourcecodester Petshop Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Petshop Management System version 1.0 Description: A critical issue was found in the SourceCodester Petshop Management System. This issue affects the code in the file /controllers/add user.php. The manipulation of the avatar...

9.8CVSS6.6AI score0.00721EPSS
Exploits1References9
OSV
OSV
added 2024/08/16 2:15 a.m.2 views

CVE-2024-7851

A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save of the component Add User Handler. The manipulation leads to improper authorization. The attack can be...

9.8CVSS5.4AI score0.00591EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/08/16 12:0 a.m.15 views

CVE-2024-7851 SourceCodester Yoga Class Registration System Add User Users.php improper authorization

A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save of the component Add User Handler. The manipulation leads to improper authorization. The attack can be...

6.5CVSS7.3AI score0.00591EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/16 12:0 a.m.27 views

CVE-2024-7851 SourceCodester Yoga Class Registration System Add User Users.php improper authorization

A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save of the component Add User Handler. The manipulation leads to improper authorization. The attack can be...

6.5CVSS0.00591EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/08/15 12:0 a.m.3 views

PT-2024-38628 · Sourcecodester · Sourcecodester Yoga Class Registration System

Name of the Vulnerable Software and Affected Versions: SourceCodester Yoga Class Registration System version 1.0 Description: A critical issue has been discovered, affecting the Add User Handler component, specifically the file /classes/Users.php?f=save. This issue leads to improper authorization...

9.8CVSS6.5AI score0.00591EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.3 views

Product Show Room 跨站脚本漏洞

Product Show Room Site is a product show room website by Carlo Montero's personal developer. A cross-site scripting vulnerability exists in Product Show Room 1.0 and earlier versions, which is caused by an easy cross-site scripting attack via the Middle Name parameter under Add User...

5.3CVSS6AI score0.00294EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.3 views

Product Show Room 跨站脚本漏洞

Product Show Room Site is a product show room website by Carlo Montero's personal developer. A cross-site scripting vulnerability exists in Product Show Room 1.0 and prior versions, which originates from an easy cross-site scripting attack via the First Name parameter under Add User...

8.2CVSS6AI score0.00508EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2024/03/26 10:15 p.m.1 views

CVE-2023-51146

Buffer Overflow vulnerability in TRENDnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via the admadduser action...

8CVSS6.2AI score0.00498EPSS
Exploits1References2
OSV
OSV
added 2024/03/26 10:15 p.m.4 views

CVE-2023-51146

Buffer Overflow vulnerability in TRENDnet AC1200 TEW-821DAP with firmware version 3.00b06 allows an attacker to execute arbitrary code via the admadduser action...

8CVSS6.1AI score0.00498EPSS
Exploits1References1
OSV
OSV
added 2024/03/20 10:15 p.m.4 views

CVE-2024-24050

Cross Site Scripting XSS vulnerability in Sourcecodester Workout Journal App 1.0 allows attackers to run arbitrary code via parameters firstname and lastname in /add-user.php...

4.7CVSS6AI score0.00443EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2024/03/20 12:0 a.m.6 views

PT-2024-20255 · Sourcecodester · Sourcecodester Workout Journal App

Name of the Vulnerable Software and Affected Versions: Sourcecodester Workout Journal App version 1.0 Description: The issue allows attackers to run arbitrary code via parameters firstname and lastname in the "/add-user.php" API endpoint. This enables attackers to execute arbitrary code,...

4.7CVSS8.5AI score0.00443EPSS
Exploits4References5
CNNVD
CNNVD
added 2024/03/20 12:0 a.m.6 views

Sourcecodester Workout Journal App 跨站脚本漏洞

Workout Journal App is workout journal application. A security vulnerability exists in version 1.0 of the Sourcecodester Workout Journal App that stems from a cross-site scripting XSS vulnerability in the parameters firstname and lastname in the file /add-user.php...

4.7CVSS4.6AI score0.00443EPSS
Exploits4References3
OSV
OSV
added 2024/03/12 1:15 p.m.3 views

CVE-2024-2393

A vulnerability was found in SourceCodester CRUD without Page Reload 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file adduser.php. The manipulation of the argument city leads to sql injection. The attack can be launched remotely. The...

9.8CVSS5.7AI score0.00693EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/03/12 12:0 a.m.4 views

sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial SQL Injection Vulnerability

sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial is an open source project to help people learn how to build or develop a PHP CRUD without refresh/reload using Ajax and DataTables. sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial...

9.8CVSS7.9AI score0.00693EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/03/12 12:0 a.m.3 views

PT-2024-20184 · Unknown · Sourcecodester Crud Without Page Reload

Name of the Vulnerable Software and Affected Versions: SourceCodester CRUD without Page Reload version 1.0 Description: A critical issue has been found, affecting an unknown functionality of the file add user.php. The manipulation of the city argument leads to SQL injection. This issue can be...

9.8CVSS8.1AI score0.00693EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/03/08 12:0 a.m.3 views

PT-2024-14057 · Trendnet · Trendnet Ac1200 Tew-821Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet AC1200 TEW-821DAP version 3.00b06 Description: A Buffer Overflow issue allows an attacker to execute arbitrary code via the adm add user action. This can be exploited to gain unauthorized access and control over the device...

8CVSS8.2AI score0.00498EPSS
Exploits1References8
OSV
OSV
added 2024/01/31 7:15 p.m.3 views

CVE-2024-1111

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...

6.1CVSS4AI score0.00415EPSS
Exploits0References2
Rows per page
Query Builder