CVE-2023-1363

A vulnerability, which was classified as problematic, was found in SourceCodester Computer Parts Sales and Inventory System 1.0. Affected is an unknown function of the component Add User Account. The manipulation of the argument username leads to cross site scripting. It is possible to launch the...

CVE-2023-0043

The Custom Add User WordPress plugin through 2.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2023-3478

A vulnerability classified as critical was found in IBOS OA 4.5.5. Affected by this vulnerability is the function actionEdit of the file ?r=dashboard/roleadmin/edit=member of the component Add User Handler. The manipulation of the argument id leads to sql injection. The attack can be launched...

CVE-2021-46558

Multiple cross-site scripting XSS vulnerabilities in the Add User module of Issabel PBX 20200102 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inserted into the username and password fields...

CVE-2020-29204

XXL-JOB 2.2.0 allows Stored XSS in Add User to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java...

CVE-2025-5033

A vulnerability classified as problematic was found in XiaoBingby TeaCMS 2.0.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/me/teacms/controller/admin/UserManageController/addUser. The manipulation leads to cross-site request forgery. The attack can be...

CVE-2025-4889

A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to...

CVE-2025-4547

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2025-4547

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2025-4547 SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scripting

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely...

CVE-2025-4547 SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scripting

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Add User Page. The manipulation leads to cross site scripting. The attack may be launched remotely...

PT-2025-20669 · Sourcecodester · Sourcecodester Web-Based Pharmacy Product Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-based Pharmacy Product Management System version 1.0 Description: A problem was found in the Add User Page component, which can be exploited to perform cross-site scripting attacks. This issue can be launched remotely, and...

SourceCodester Web-based Pharmacy Product Management System 代码注入漏洞

SourceCodester Web-based Pharmacy Product Management System is SourceCodester open source a Web-based pharmacy product management system . A code injection vulnerability exists in version 1.0 of the SourceCodester Web-based Pharmacy Product Management System due to cross-site scripting in the...

CVE-2024-10090

Internet Starter, one of SoftCOM iKSORIS system modules, is vulnerable to Reflected XSS Cross-site Scripting attacks. An attacker might trick a user into filling a form designed for adding users with a malicious script, what causes the script to run in user's context. This vulnerability has been...

The vulnerability of the adm_add_user() function in the ssi service of TRENDnet TEW-821DAP allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the admadduser function in the ssi service of TRENDnet TEW-821DAP wireless access points is related to the escape of the operation outside the buffer in memory when processing the username parameter. Exploiting this vulnerability allows an attacker to execute arbitrary code o...

CVE-2024-12171

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the 'ehcrmagentadduser' AJAX action in all versions up to, and including, 3.2.6. This makes it possible for authenticated attackers, with...

CVE-2024-13069

A vulnerability was found in SourceCodester Multi Role Login System 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/add-user.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. Th...

PT-2024-17913 · Sourcecodester · Sourcecodester Multi Role Login System

Name of the Vulnerable Software and Affected Versions: SourceCodester Multi Role Login System version 1.0 Description: A vulnerability was found in the SourceCodester Multi Role Login System. It has been classified as problematic. The issue is in an unknown function of the file...

SourceCodester Multi Role Login System 安全漏洞

SourceCodester Multi Role Login System is a SourceCodester open source multi-role login system. A security vulnerability exists in SourceCodester Multi Role Login System version 1.0, which originates from the parameter name in the file /endpoint/add-user.php that can lead to cross-site scripting...

PT-2024-17896 · Code Projects · Simple Chat System

Name of the Vulnerable Software and Affected Versions: code-projects Simple Chat System version 1.0 Description: A critical issue affects an unknown functionality of the file /add user.php. The manipulation of the name, email, password, or number argument leads to SQL injection. The attack can be...