417 matches found
CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...
PT-2024-16770
Name of the Vulnerable Software and Affected Versions SourceCodester QR Code Login System version 1.0 Description A vulnerability has been found in the SourceCodester QR Code Login System, affecting some unknown functionality of the file add-user.php. The manipulation of the qr-code argument lead...
SourceCodester QR Code Login System 安全漏洞
QR Code Login System is a modern authentication QR code solution for rems individual developers. A security vulnerability exists in the SourceCodester QR Code Login System version 1.0, which stems from the fact that add-user.php contains an unknown function that leads to cross-site scripting via...
CVE-2023-50921
An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the adduser interface in the system module to gain root privileges. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750...
Various GL.iNet products Security Breach
GL.iNet MT3000 and others are products of China's GL.iNet GL.iNet.GL.iNet MT3000 is an AX3000 portable router that uses the Wi-Fi 6 protocol.GL.iNet AR750S is a router.GL.iNet AR750 is a router.GL.iNet AR750 is a router. A security vulnerability exists in several GL.iNet products that originated...
CVE-2023-6464
A vulnerability was found in SourceCodester User Registration and Login System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument user leads to sql injection. The attack may be launched remotely...
SourceCodester User Registration and Login System SQL Injection Vulnerability
User Registration and Login System is a user registration and login system by Remy Andrade, an individual developer. A SQL injection vulnerability exists in the SourceCodester User Registration and Login System, which originates from an SQL injection in the user parameter of /endpoint/add-user.ph...
CVE-2023-6463
A vulnerability has been found in SourceCodester User Registration and Login System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument firstname leads to cross site scripting. The attac...
CVE-2023-6463 SourceCodester User Registration and Login System add-user.php cross site scripting
A vulnerability has been found in SourceCodester User Registration and Login System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument firstname leads to cross site scripting. The attac...
PT-2023-32676 · Unknown · Sourcecodester User Registration/Login System
Name of the Vulnerable Software and Affected Versions: SourceCodester User Registration and Login System version 1.0 Description: A vulnerability has been found in the system, classified as problematic. It affects an unknown functionality of the file "/endpoint/add-user.php". The manipulation of...
SourceCodester User Registration and Login System Cross-Site Scripting Vulnerability
User Registration and Login System is a user registration and login system by Remy Andrade, an individual developer. A cross-site scripting vulnerability exists in the SourceCodester User Registration and Login System, which originates from cross-site scripting in the firstname parameter of...
Metasploit Weekly Wrap-Up
New module content 4 Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control Authors: Emir Polat and Unknown Type: Auxiliary Pull request: 18447 contributed by emirpolatt Path: admin/http/atlassianconfluenceauthbypass AttackerKB reference: CVE-2023-22515...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
Cross site scripting
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
PT-2023-28800 · Unknown · Cms Made Simple
Name of the Vulnerable Software and Affected Versions: CMSmadesimple version 2.2.18 Description: The issue allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. This enables the attacker to...
CMS Made Simple Cross-Site Scripting Vulnerability
CMS Made Simple CMSMS is an open source content management system CMS by Cmsms team. The system supports role-based permission management system, wizard-based installation and update mechanism, intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in CMS Made Simple...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...