Lucene search
K

417 matches found

Vulnrichment
Vulnrichment
added 2024/01/31 7:0 p.m.4 views

CVE-2024-1111 SourceCodester QR Code Login System add-user.php cross site scripting

A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross site scripting. The attack may be launched...

5CVSS4.8AI score0.00415EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/01/31 12:0 a.m.4 views

PT-2024-16770

Name of the Vulnerable Software and Affected Versions SourceCodester QR Code Login System version 1.0 Description A vulnerability has been found in the SourceCodester QR Code Login System, affecting some unknown functionality of the file add-user.php. The manipulation of the qr-code argument lead...

6.1CVSS4.9AI score0.00415EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/01/31 12:0 a.m.4 views

SourceCodester QR Code Login System 安全漏洞

QR Code Login System is a modern authentication QR code solution for rems individual developers. A security vulnerability exists in the SourceCodester QR Code Login System version 1.0, which stems from the fact that add-user.php contains an unknown function that leads to cross-site scripting via...

6.1CVSS5.6AI score0.00415EPSS
Exploits0References3
OSV
OSV
added 2024/01/03 9:15 a.m.4 views

CVE-2023-50921

An issue was discovered on GL.iNet devices through 4.5.0. Attackers can invoke the adduser interface in the system module to gain root privileges. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750...

9.8CVSS5.8AI score0.00519EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/03 12:0 a.m.5 views

Various GL.iNet products Security Breach

GL.iNet MT3000 and others are products of China's GL.iNet GL.iNet.GL.iNet MT3000 is an AX3000 portable router that uses the Wi-Fi 6 protocol.GL.iNet AR750S is a router.GL.iNet AR750 is a router.GL.iNet AR750 is a router. A security vulnerability exists in several GL.iNet products that originated...

9.8CVSS7AI score0.00519EPSS
Exploits0References2
OSV
OSV
added 2023/12/02 9:15 a.m.4 views

CVE-2023-6464

A vulnerability was found in SourceCodester User Registration and Login System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument user leads to sql injection. The attack may be launched remotely...

9.8CVSS5.8AI score0.00796EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/12/02 12:0 a.m.3 views

SourceCodester User Registration and Login System SQL Injection Vulnerability

User Registration and Login System is a user registration and login system by Remy Andrade, an individual developer. A SQL injection vulnerability exists in the SourceCodester User Registration and Login System, which originates from an SQL injection in the user parameter of /endpoint/add-user.ph...

9.8CVSS8AI score0.00796EPSS
Exploits1References3
OSV
OSV
added 2023/12/01 11:15 p.m.3 views

CVE-2023-6463

A vulnerability has been found in SourceCodester User Registration and Login System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument firstname leads to cross site scripting. The attac...

5.4CVSS3.8AI score0.00604EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/12/01 10:31 p.m.32 views

CVE-2023-6463 SourceCodester User Registration and Login System add-user.php cross site scripting

A vulnerability has been found in SourceCodester User Registration and Login System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument firstname leads to cross site scripting. The attac...

4CVSS5.5AI score0.00604EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/12/01 12:0 a.m.4 views

PT-2023-32676 · Unknown · Sourcecodester User Registration/Login System

Name of the Vulnerable Software and Affected Versions: SourceCodester User Registration and Login System version 1.0 Description: A vulnerability has been found in the system, classified as problematic. It affects an unknown functionality of the file "/endpoint/add-user.php". The manipulation of...

5.4CVSS4.2AI score0.00604EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/12/01 12:0 a.m.41 views

SourceCodester User Registration and Login System Cross-Site Scripting Vulnerability

User Registration and Login System is a user registration and login system by Remy Andrade, an individual developer. A cross-site scripting vulnerability exists in the SourceCodester User Registration and Login System, which originates from cross-site scripting in the firstname parameter of...

5.4CVSS6.1AI score0.00604EPSS
Exploits1References3
Rapid7 Blog
Rapid7 Blog
added 2023/10/27 6:46 p.m.49 views

Metasploit Weekly Wrap-Up

New module content 4 Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control Authors: Emir Polat and Unknown Type: Auxiliary Pull request: 18447 contributed by emirpolatt Path: admin/http/atlassianconfluenceauthbypass AttackerKB reference: CVE-2023-22515...

7.5CVSS9.5AI score0.99156EPSS
Exploits46
OSV
OSV
added 2023/10/20 10:15 p.m.2 views

CVE-2023-43355

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...

5.4CVSS6.1AI score0.00485EPSS
Exploits1References2
NVD
NVD
added 2023/10/20 10:15 p.m.23 views

CVE-2023-43355

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...

5.4CVSS5.8AI score0.00485EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2023/10/20 10:15 p.m.3 views

CVE-2023-43355

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...

5.4CVSS6.2AI score0.00485EPSS
Exploits1References3
Prion
Prion
added 2023/10/20 10:15 p.m.18 views

Cross site scripting

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...

4.9CVSS5.7AI score0.00485EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/20 12:0 a.m.4 views

PT-2023-28800 · Unknown · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMSmadesimple version 2.2.18 Description: The issue allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. This enables the attacker to...

5.4CVSS5.7AI score0.00485EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.2 views

CMS Made Simple Cross-Site Scripting Vulnerability

CMS Made Simple CMSMS is an open source content management system CMS by Cmsms team. The system supports role-based permission management system, wizard-based installation and update mechanism, intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in CMS Made Simple...

5.4CVSS7AI score0.00485EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/10/20 12:0 a.m.26 views

CVE-2023-43355

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...

6.5AI score0.00485EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/20 12:0 a.m.12 views

CVE-2023-43355

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...

7.1AI score0.00485EPSS
Exploits1References2
Rows per page
Query Builder